Action not permitted
Modal body text goes here.
cve-2020-14307
Vulnerability from cvelistv5
Published
2020-07-24 00:00
Modified
2024-08-04 12:39
Severity ?
EPSS score ?
Summary
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307 | Issue Tracking, Third Party Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:39:36.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "wildfly",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "jboss-ejb-client versions shipped with Red Hat JBoss EAP 7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-14307",
"datePublished": "2020-07-24T00:00:00",
"dateReserved": "2020-06-17T00:00:00",
"dateUpdated": "2024-08-04T12:39:36.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-14307\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-07-24T16:15:11.897\",\"lastModified\":\"2023-02-12T23:39:57.763\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en Wildfly\u0027s Enterprise Java Beans (EJB) versiones incluidas con Red Hat JBoss EAP 7, donde SessionOpenInvocations nunca es eliminada del InvocationTracker remoto despu\u00e9s que una respuesta es recibida en el EJB Client, as\u00ed como en el servidor. Este fallo permite a un atacante dise\u00f1ar un ataque de denegaci\u00f3n de servicio para hacer que el servicio no est\u00e9 disponible\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-404\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6D3AF88-5812-4BB6-871F-C0EA39AD66AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEFE06C8-4BF0-4EC0-A848-BF16CFCCDA57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A305F012-544E-4245-9D69-1C8CD37748B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A33441B3-B301-426C-A976-08CE5FE72EFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2020_3142
Vulnerability from csaf_redhat
Published
2020-07-23 20:37
Modified
2024-11-05 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for the Infinispan package in Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.
Security Fix(es):
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the Infinispan package in Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3142",
"url": "https://access.redhat.com/errata/RHSA-2020:3142"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3142.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:30:13+00:00",
"generator": {
"date": "2024-11-05T22:30:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3142",
"initial_release_date": "2020-07-23T20:37:36+00:00",
"revision_history": [
{
"date": "2020-07-23T20:37:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-23T20:37:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:30:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.8-6.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.8-6.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.8-6.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.8-6.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.8-6.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.8-6.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.8-6.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.8-6.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.8-6.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:37:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3142"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:37:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3142"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:37:36+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3142"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.8-6.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.8-6.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3639
Vulnerability from csaf_redhat
Published
2020-09-07 12:58
Modified
2024-11-05 22:40
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
• wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n\u2022 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3639",
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-18366",
"url": "https://issues.redhat.com/browse/JBEAP-18366"
},
{
"category": "external",
"summary": "JBEAP-18667",
"url": "https://issues.redhat.com/browse/JBEAP-18667"
},
{
"category": "external",
"summary": "JBEAP-18849",
"url": "https://issues.redhat.com/browse/JBEAP-18849"
},
{
"category": "external",
"summary": "JBEAP-18880",
"url": "https://issues.redhat.com/browse/JBEAP-18880"
},
{
"category": "external",
"summary": "JBEAP-18906",
"url": "https://issues.redhat.com/browse/JBEAP-18906"
},
{
"category": "external",
"summary": "JBEAP-18919",
"url": "https://issues.redhat.com/browse/JBEAP-18919"
},
{
"category": "external",
"summary": "JBEAP-18965",
"url": "https://issues.redhat.com/browse/JBEAP-18965"
},
{
"category": "external",
"summary": "JBEAP-19040",
"url": "https://issues.redhat.com/browse/JBEAP-19040"
},
{
"category": "external",
"summary": "JBEAP-19058",
"url": "https://issues.redhat.com/browse/JBEAP-19058"
},
{
"category": "external",
"summary": "JBEAP-19120",
"url": "https://issues.redhat.com/browse/JBEAP-19120"
},
{
"category": "external",
"summary": "JBEAP-19255",
"url": "https://issues.redhat.com/browse/JBEAP-19255"
},
{
"category": "external",
"summary": "JBEAP-19271",
"url": "https://issues.redhat.com/browse/JBEAP-19271"
},
{
"category": "external",
"summary": "JBEAP-19315",
"url": "https://issues.redhat.com/browse/JBEAP-19315"
},
{
"category": "external",
"summary": "JBEAP-19463",
"url": "https://issues.redhat.com/browse/JBEAP-19463"
},
{
"category": "external",
"summary": "JBEAP-19565",
"url": "https://issues.redhat.com/browse/JBEAP-19565"
},
{
"category": "external",
"summary": "JBEAP-19587",
"url": "https://issues.redhat.com/browse/JBEAP-19587"
},
{
"category": "external",
"summary": "JBEAP-19620",
"url": "https://issues.redhat.com/browse/JBEAP-19620"
},
{
"category": "external",
"summary": "JBEAP-19624",
"url": "https://issues.redhat.com/browse/JBEAP-19624"
},
{
"category": "external",
"summary": "JBEAP-19703",
"url": "https://issues.redhat.com/browse/JBEAP-19703"
},
{
"category": "external",
"summary": "JBEAP-19704",
"url": "https://issues.redhat.com/browse/JBEAP-19704"
},
{
"category": "external",
"summary": "JBEAP-19798",
"url": "https://issues.redhat.com/browse/JBEAP-19798"
},
{
"category": "external",
"summary": "JBEAP-19837",
"url": "https://issues.redhat.com/browse/JBEAP-19837"
},
{
"category": "external",
"summary": "JBEAP-19875",
"url": "https://issues.redhat.com/browse/JBEAP-19875"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3639.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 security update",
"tracking": {
"current_release_date": "2024-11-05T22:40:31+00:00",
"generator": {
"date": "2024-11-05T22:40:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3639",
"initial_release_date": "2020-09-07T12:58:06+00:00",
"revision_history": [
{
"date": "2020-09-07T12:58:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-07T12:58:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:40:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.2.5-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-4.Final_redhat_00004.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.2.5-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 8",
"product_id": "8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"acknowledgments": [
{
"names": [
"Mirko Selber"
],
"organization": "Compass Security"
}
],
"cve": "CVE-2020-1695",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server\u0027s response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1695"
},
{
"category": "external",
"summary": "RHBZ#1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"acknowledgments": [
{
"names": [
"An Trinh"
]
}
],
"cve": "CVE-2020-6950",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6950"
},
{
"category": "external",
"summary": "RHBZ#1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950"
},
{
"category": "external",
"summary": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/issues/4571",
"url": "https://github.com/eclipse-ee4j/mojarra/issues/4571"
},
{
"category": "external",
"summary": "https://github.com/javaserverfaces/mojarra/issues/4364",
"url": "https://github.com/javaserverfaces/mojarra/issues/4364"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371"
},
{
"cve": "CVE-2020-8840",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8840"
},
{
"category": "external",
"summary": "RHBZ#1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking"
},
{
"cve": "CVE-2020-9546",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in shaded-hikari-config",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9546"
},
{
"category": "external",
"summary": "RHBZ#1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in shaded-hikari-config"
},
{
"cve": "CVE-2020-9547",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in ibatis-sqlmap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9547"
},
{
"category": "external",
"summary": "RHBZ#1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in ibatis-sqlmap"
},
{
"cve": "CVE-2020-9548",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in anteros-core",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9548"
},
{
"category": "external",
"summary": "RHBZ#1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in anteros-core"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:06+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3637
Vulnerability from csaf_redhat
Published
2020-09-07 12:57
Modified
2024-11-05 22:40
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
• wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n\u2022 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3637",
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-18366",
"url": "https://issues.redhat.com/browse/JBEAP-18366"
},
{
"category": "external",
"summary": "JBEAP-18667",
"url": "https://issues.redhat.com/browse/JBEAP-18667"
},
{
"category": "external",
"summary": "JBEAP-18849",
"url": "https://issues.redhat.com/browse/JBEAP-18849"
},
{
"category": "external",
"summary": "JBEAP-18880",
"url": "https://issues.redhat.com/browse/JBEAP-18880"
},
{
"category": "external",
"summary": "JBEAP-18906",
"url": "https://issues.redhat.com/browse/JBEAP-18906"
},
{
"category": "external",
"summary": "JBEAP-18919",
"url": "https://issues.redhat.com/browse/JBEAP-18919"
},
{
"category": "external",
"summary": "JBEAP-18965",
"url": "https://issues.redhat.com/browse/JBEAP-18965"
},
{
"category": "external",
"summary": "JBEAP-19038",
"url": "https://issues.redhat.com/browse/JBEAP-19038"
},
{
"category": "external",
"summary": "JBEAP-19058",
"url": "https://issues.redhat.com/browse/JBEAP-19058"
},
{
"category": "external",
"summary": "JBEAP-19120",
"url": "https://issues.redhat.com/browse/JBEAP-19120"
},
{
"category": "external",
"summary": "JBEAP-19255",
"url": "https://issues.redhat.com/browse/JBEAP-19255"
},
{
"category": "external",
"summary": "JBEAP-19271",
"url": "https://issues.redhat.com/browse/JBEAP-19271"
},
{
"category": "external",
"summary": "JBEAP-19315",
"url": "https://issues.redhat.com/browse/JBEAP-19315"
},
{
"category": "external",
"summary": "JBEAP-19463",
"url": "https://issues.redhat.com/browse/JBEAP-19463"
},
{
"category": "external",
"summary": "JBEAP-19565",
"url": "https://issues.redhat.com/browse/JBEAP-19565"
},
{
"category": "external",
"summary": "JBEAP-19587",
"url": "https://issues.redhat.com/browse/JBEAP-19587"
},
{
"category": "external",
"summary": "JBEAP-19620",
"url": "https://issues.redhat.com/browse/JBEAP-19620"
},
{
"category": "external",
"summary": "JBEAP-19624",
"url": "https://issues.redhat.com/browse/JBEAP-19624"
},
{
"category": "external",
"summary": "JBEAP-19703",
"url": "https://issues.redhat.com/browse/JBEAP-19703"
},
{
"category": "external",
"summary": "JBEAP-19704",
"url": "https://issues.redhat.com/browse/JBEAP-19704"
},
{
"category": "external",
"summary": "JBEAP-19798",
"url": "https://issues.redhat.com/browse/JBEAP-19798"
},
{
"category": "external",
"summary": "JBEAP-19837",
"url": "https://issues.redhat.com/browse/JBEAP-19837"
},
{
"category": "external",
"summary": "JBEAP-19875",
"url": "https://issues.redhat.com/browse/JBEAP-19875"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3637.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 security update",
"tracking": {
"current_release_date": "2024-11-05T22:40:48+00:00",
"generator": {
"date": "2024-11-05T22:40:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3637",
"initial_release_date": "2020-09-07T12:57:26+00:00",
"revision_history": [
{
"date": "2020-09-07T12:57:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-07T12:57:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:40:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.2.5-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-4.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.9-4.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.9-4.GA_redhat_00003.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.2.5-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"acknowledgments": [
{
"names": [
"Mirko Selber"
],
"organization": "Compass Security"
}
],
"cve": "CVE-2020-1695",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server\u0027s response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1695"
},
{
"category": "external",
"summary": "RHBZ#1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"acknowledgments": [
{
"names": [
"An Trinh"
]
}
],
"cve": "CVE-2020-6950",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6950"
},
{
"category": "external",
"summary": "RHBZ#1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950"
},
{
"category": "external",
"summary": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/issues/4571",
"url": "https://github.com/eclipse-ee4j/mojarra/issues/4571"
},
{
"category": "external",
"summary": "https://github.com/javaserverfaces/mojarra/issues/4364",
"url": "https://github.com/javaserverfaces/mojarra/issues/4364"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371"
},
{
"cve": "CVE-2020-8840",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8840"
},
{
"category": "external",
"summary": "RHBZ#1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking"
},
{
"cve": "CVE-2020-9546",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in shaded-hikari-config",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9546"
},
{
"category": "external",
"summary": "RHBZ#1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in shaded-hikari-config"
},
{
"cve": "CVE-2020-9547",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in ibatis-sqlmap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9547"
},
{
"category": "external",
"summary": "RHBZ#1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in ibatis-sqlmap"
},
{
"cve": "CVE-2020-9548",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in anteros-core",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9548"
},
{
"category": "external",
"summary": "RHBZ#1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in anteros-core"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:57:26+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3144
Vulnerability from csaf_redhat
Published
2020-07-23 20:20
Modified
2024-11-05 22:29
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for the Infinispan package in Red Hat JBoss Enterprise Application Platform 7.2.
Security Fix(es):
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for the Infinispan package in Red Hat JBoss Enterprise Application Platform 7.2.\n\nSecurity Fix(es):\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3144",
"url": "https://access.redhat.com/errata/RHSA-2020:3144"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3144.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:29:30+00:00",
"generator": {
"date": "2024-11-05T22:29:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3144",
"initial_release_date": "2020-07-23T20:20:57+00:00",
"revision_history": [
{
"date": "2020-07-23T20:20:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-23T20:20:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:29:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2",
"product": {
"name": "Red Hat JBoss EAP 7.2",
"product_id": "Red Hat JBoss EAP 7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3144"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3144"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3144"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3638
Vulnerability from csaf_redhat
Published
2020-09-07 12:58
Modified
2024-11-05 22:40
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
• wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n\u2022 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3638",
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-18366",
"url": "https://issues.redhat.com/browse/JBEAP-18366"
},
{
"category": "external",
"summary": "JBEAP-18667",
"url": "https://issues.redhat.com/browse/JBEAP-18667"
},
{
"category": "external",
"summary": "JBEAP-18849",
"url": "https://issues.redhat.com/browse/JBEAP-18849"
},
{
"category": "external",
"summary": "JBEAP-18880",
"url": "https://issues.redhat.com/browse/JBEAP-18880"
},
{
"category": "external",
"summary": "JBEAP-18906",
"url": "https://issues.redhat.com/browse/JBEAP-18906"
},
{
"category": "external",
"summary": "JBEAP-18919",
"url": "https://issues.redhat.com/browse/JBEAP-18919"
},
{
"category": "external",
"summary": "JBEAP-18965",
"url": "https://issues.redhat.com/browse/JBEAP-18965"
},
{
"category": "external",
"summary": "JBEAP-19039",
"url": "https://issues.redhat.com/browse/JBEAP-19039"
},
{
"category": "external",
"summary": "JBEAP-19058",
"url": "https://issues.redhat.com/browse/JBEAP-19058"
},
{
"category": "external",
"summary": "JBEAP-19120",
"url": "https://issues.redhat.com/browse/JBEAP-19120"
},
{
"category": "external",
"summary": "JBEAP-19255",
"url": "https://issues.redhat.com/browse/JBEAP-19255"
},
{
"category": "external",
"summary": "JBEAP-19271",
"url": "https://issues.redhat.com/browse/JBEAP-19271"
},
{
"category": "external",
"summary": "JBEAP-19315",
"url": "https://issues.redhat.com/browse/JBEAP-19315"
},
{
"category": "external",
"summary": "JBEAP-19463",
"url": "https://issues.redhat.com/browse/JBEAP-19463"
},
{
"category": "external",
"summary": "JBEAP-19565",
"url": "https://issues.redhat.com/browse/JBEAP-19565"
},
{
"category": "external",
"summary": "JBEAP-19587",
"url": "https://issues.redhat.com/browse/JBEAP-19587"
},
{
"category": "external",
"summary": "JBEAP-19620",
"url": "https://issues.redhat.com/browse/JBEAP-19620"
},
{
"category": "external",
"summary": "JBEAP-19624",
"url": "https://issues.redhat.com/browse/JBEAP-19624"
},
{
"category": "external",
"summary": "JBEAP-19703",
"url": "https://issues.redhat.com/browse/JBEAP-19703"
},
{
"category": "external",
"summary": "JBEAP-19704",
"url": "https://issues.redhat.com/browse/JBEAP-19704"
},
{
"category": "external",
"summary": "JBEAP-19798",
"url": "https://issues.redhat.com/browse/JBEAP-19798"
},
{
"category": "external",
"summary": "JBEAP-19837",
"url": "https://issues.redhat.com/browse/JBEAP-19837"
},
{
"category": "external",
"summary": "JBEAP-19875",
"url": "https://issues.redhat.com/browse/JBEAP-19875"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3638.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 security update",
"tracking": {
"current_release_date": "2024-11-05T22:40:58+00:00",
"generator": {
"date": "2024-11-05T22:40:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3638",
"initial_release_date": "2020-09-07T12:58:33+00:00",
"revision_history": [
{
"date": "2020-09-07T12:58:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-07T12:58:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:40:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.2.5-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-impl@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core-jsf@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-ejb@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-jta@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-probe-core@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-web@3.0.6-4.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.1-13.Final_redhat_00014.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.2.5-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"product_id": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-10.SP9_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.6-4.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.8-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.5-13.SP3_redhat_00011.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@2.3.5-7.SP2_redhat_00005.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"product_id": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-weld-core@3.0.6-4.Final_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-modules@1.8.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.11-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.0.23-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.1-13.Final_redhat_00014.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.9-4.GA_redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"acknowledgments": [
{
"names": [
"Mirko Selber"
],
"organization": "Compass Security"
}
],
"cve": "CVE-2020-1695",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server\u0027s response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1695"
},
{
"category": "external",
"summary": "RHBZ#1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"acknowledgments": [
{
"names": [
"An Trinh"
]
}
],
"cve": "CVE-2020-6950",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6950"
},
{
"category": "external",
"summary": "RHBZ#1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950"
},
{
"category": "external",
"summary": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/issues/4571",
"url": "https://github.com/eclipse-ee4j/mojarra/issues/4571"
},
{
"category": "external",
"summary": "https://github.com/javaserverfaces/mojarra/issues/4364",
"url": "https://github.com/javaserverfaces/mojarra/issues/4364"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371"
},
{
"cve": "CVE-2020-8840",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8840"
},
{
"category": "external",
"summary": "RHBZ#1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking"
},
{
"cve": "CVE-2020-9546",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in shaded-hikari-config",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9546"
},
{
"category": "external",
"summary": "RHBZ#1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in shaded-hikari-config"
},
{
"cve": "CVE-2020-9547",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in ibatis-sqlmap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9547"
},
{
"category": "external",
"summary": "RHBZ#1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in ibatis-sqlmap"
},
{
"cve": "CVE-2020-9548",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in anteros-core",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9548"
},
{
"category": "external",
"summary": "RHBZ#1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in anteros-core"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T12:58:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details about how to apply this update, which includes the changes described in this advisory, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.5-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-glassfish-jsf-0:2.3.5-13.SP3_redhat_00011.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hal-console-0:3.0.23-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-jsf-api_2.3_spec-0:2.3.5-7.SP2_redhat_00005.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-modules-0:1.8.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.1-13.Final_redhat_00014.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-13.Final_redhat_00014.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-xnio-base-0:3.7.6-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-10.SP9_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-10.SP9_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.5-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-weld-core-impl-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-core-jsf-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-ejb-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-jta-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-probe-core-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-weld-web-0:3.0.6-4.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.8-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3462
Vulnerability from csaf_redhat
Published
2020-08-17 13:28
Modified
2024-11-05 22:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3462",
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-19095",
"url": "https://issues.redhat.com/browse/JBEAP-19095"
},
{
"category": "external",
"summary": "JBEAP-19134",
"url": "https://issues.redhat.com/browse/JBEAP-19134"
},
{
"category": "external",
"summary": "JBEAP-19185",
"url": "https://issues.redhat.com/browse/JBEAP-19185"
},
{
"category": "external",
"summary": "JBEAP-19203",
"url": "https://issues.redhat.com/browse/JBEAP-19203"
},
{
"category": "external",
"summary": "JBEAP-19269",
"url": "https://issues.redhat.com/browse/JBEAP-19269"
},
{
"category": "external",
"summary": "JBEAP-19322",
"url": "https://issues.redhat.com/browse/JBEAP-19322"
},
{
"category": "external",
"summary": "JBEAP-19325",
"url": "https://issues.redhat.com/browse/JBEAP-19325"
},
{
"category": "external",
"summary": "JBEAP-19397",
"url": "https://issues.redhat.com/browse/JBEAP-19397"
},
{
"category": "external",
"summary": "JBEAP-19410",
"url": "https://issues.redhat.com/browse/JBEAP-19410"
},
{
"category": "external",
"summary": "JBEAP-19529",
"url": "https://issues.redhat.com/browse/JBEAP-19529"
},
{
"category": "external",
"summary": "JBEAP-19564",
"url": "https://issues.redhat.com/browse/JBEAP-19564"
},
{
"category": "external",
"summary": "JBEAP-19585",
"url": "https://issues.redhat.com/browse/JBEAP-19585"
},
{
"category": "external",
"summary": "JBEAP-19617",
"url": "https://issues.redhat.com/browse/JBEAP-19617"
},
{
"category": "external",
"summary": "JBEAP-19619",
"url": "https://issues.redhat.com/browse/JBEAP-19619"
},
{
"category": "external",
"summary": "JBEAP-19673",
"url": "https://issues.redhat.com/browse/JBEAP-19673"
},
{
"category": "external",
"summary": "JBEAP-19674",
"url": "https://issues.redhat.com/browse/JBEAP-19674"
},
{
"category": "external",
"summary": "JBEAP-19874",
"url": "https://issues.redhat.com/browse/JBEAP-19874"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3462.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:38:09+00:00",
"generator": {
"date": "2024-11-05T22:38:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3462",
"initial_release_date": "2020-08-17T13:28:06+00:00",
"revision_history": [
{
"date": "2020-08-17T13:28:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-17T13:28:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:38:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.6.2-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.6.2-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.48-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.7-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.4.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.1-7.Final_redhat_00009.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.2-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.2-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.2-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.2-4.GA_redhat_00002.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:06+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el7eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3463
Vulnerability from csaf_redhat
Published
2020-08-17 13:28
Modified
2024-11-05 22:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3463",
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-19095",
"url": "https://issues.redhat.com/browse/JBEAP-19095"
},
{
"category": "external",
"summary": "JBEAP-19134",
"url": "https://issues.redhat.com/browse/JBEAP-19134"
},
{
"category": "external",
"summary": "JBEAP-19185",
"url": "https://issues.redhat.com/browse/JBEAP-19185"
},
{
"category": "external",
"summary": "JBEAP-19203",
"url": "https://issues.redhat.com/browse/JBEAP-19203"
},
{
"category": "external",
"summary": "JBEAP-19269",
"url": "https://issues.redhat.com/browse/JBEAP-19269"
},
{
"category": "external",
"summary": "JBEAP-19322",
"url": "https://issues.redhat.com/browse/JBEAP-19322"
},
{
"category": "external",
"summary": "JBEAP-19325",
"url": "https://issues.redhat.com/browse/JBEAP-19325"
},
{
"category": "external",
"summary": "JBEAP-19397",
"url": "https://issues.redhat.com/browse/JBEAP-19397"
},
{
"category": "external",
"summary": "JBEAP-19410",
"url": "https://issues.redhat.com/browse/JBEAP-19410"
},
{
"category": "external",
"summary": "JBEAP-19411",
"url": "https://issues.redhat.com/browse/JBEAP-19411"
},
{
"category": "external",
"summary": "JBEAP-19529",
"url": "https://issues.redhat.com/browse/JBEAP-19529"
},
{
"category": "external",
"summary": "JBEAP-19564",
"url": "https://issues.redhat.com/browse/JBEAP-19564"
},
{
"category": "external",
"summary": "JBEAP-19585",
"url": "https://issues.redhat.com/browse/JBEAP-19585"
},
{
"category": "external",
"summary": "JBEAP-19617",
"url": "https://issues.redhat.com/browse/JBEAP-19617"
},
{
"category": "external",
"summary": "JBEAP-19619",
"url": "https://issues.redhat.com/browse/JBEAP-19619"
},
{
"category": "external",
"summary": "JBEAP-19673",
"url": "https://issues.redhat.com/browse/JBEAP-19673"
},
{
"category": "external",
"summary": "JBEAP-19674",
"url": "https://issues.redhat.com/browse/JBEAP-19674"
},
{
"category": "external",
"summary": "JBEAP-19874",
"url": "https://issues.redhat.com/browse/JBEAP-19874"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3463.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:38:18+00:00",
"generator": {
"date": "2024-11-05T22:38:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3463",
"initial_release_date": "2020-08-17T13:28:45+00:00",
"revision_history": [
{
"date": "2020-08-17T13:28:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-17T13:28:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:38:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.6.2-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.6.2-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.7-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.48-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.4.19-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.1-7.Final_redhat_00009.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.2-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.2-4.GA_redhat_00002.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:45+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el8eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3143
Vulnerability from csaf_redhat
Published
2020-07-23 20:20
Modified
2024-11-05 22:30
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3.
Security Fix(es):
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3.\n\nSecurity Fix(es):\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3143",
"url": "https://access.redhat.com/errata/RHSA-2020:3143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3143.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update",
"tracking": {
"current_release_date": "2024-11-05T22:30:05+00:00",
"generator": {
"date": "2024-11-05T22:30:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3143",
"initial_release_date": "2020-07-23T20:20:33+00:00",
"revision_history": [
{
"date": "2020-07-23T20:20:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-23T20:20:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:30:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3143"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3143"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:20:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nYou must restart the JBoss server process for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3143"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3539
Vulnerability from csaf_redhat
Published
2020-09-02 09:47
Modified
2024-11-05 22:39
Summary
Red Hat Security Advisory: Red Hat build of Thorntail 2.7.1 security and bug fix update
Notes
Topic
An update is now available for Red Hat build of Thorntail.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details
This release of Red Hat build of Thorntail 2.7.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.
Security Fix(es):
* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* keycloak: security headers missing on REST endpoints (CVE-2020-1728)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body (CVE-2020-10758)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Thorntail.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Thorntail 2.7.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section.\n\nSecurity Fix(es):\n\n* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* keycloak: security headers missing on REST endpoints (CVE-2020-1728)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body (CVE-2020-10758)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issues and their impact, the CVSS score, acknowledgements, and other related information, see the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3539",
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.7.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=catRhoar.thorntail\u0026version=2.7.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1800585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1800585"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1843849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3539.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Thorntail 2.7.1 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-05T22:39:42+00:00",
"generator": {
"date": "2024-11-05T22:39:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3539",
"initial_release_date": "2020-09-02T09:47:16+00:00",
"revision_history": [
{
"date": "2020-09-02T09:47:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-02T09:47:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:39:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Text-Only RHOAR",
"product": {
"name": "Text-Only RHOAR",
"product_id": "Text-Only RHOAR",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Application Runtimes"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1728",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1800585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u2019s Admin Console, where it is missing HTTP security headers in HTTP responses. This issue is not a direct vulnerability and may not lead to a security issue, but increases the chances of allowing attackers to exploit other security flaws. Examples of these possible exploits are servers being prone to clickjacking, channel downgrade attacks, and other similar client-based attack vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: security headers missing on REST endpoints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1728"
},
{
"category": "external",
"summary": "RHBZ#1800585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1800585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1728"
}
],
"release_date": "2019-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: security headers missing on REST endpoints"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"acknowledgments": [
{
"names": [
"Matt Hamilton"
],
"organization": "Soluble.ai"
}
],
"cve": "CVE-2020-10758",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1843849"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10758"
},
{
"category": "external",
"summary": "RHBZ#1843849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10758",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10758"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10758",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10758"
}
],
"release_date": "2020-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"category": "workaround",
"details": "- The possibility of this issue largely depends on the environment, specifically the load balancer or reverse proxies between the client and the server. The issue occurs when there is no load balancer in place.\n\n- Proper tuning of HTTP request timeout and keycloak database max pool size can mitigate this issue :\nbin/jboss-cli.sh --connect --commands=\u0027/subsystem=transactions:write-attribute(name=default-timeout,value=30),/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=read-timeout,value=30000),/subsystem=undertow/server=default-server/https-listener=https/:write-attribute(name=read-timeout,value=30000),/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=max-pool-size,value=100),reload\u0027",
"product_ids": [
"Text-Only RHOAR"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only RHOAR"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-02T09:47:16+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
"product_ids": [
"Text-Only RHOAR"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Text-Only RHOAR"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3141
Vulnerability from csaf_redhat
Published
2020-07-23 20:33
Modified
2024-11-05 22:29
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.
Security Fix(es):
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3141",
"url": "https://access.redhat.com/errata/RHSA-2020:3141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3141.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3 security update",
"tracking": {
"current_release_date": "2024-11-05T22:29:58+00:00",
"generator": {
"date": "2024-11-05T22:29:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3141",
"initial_release_date": "2020-07-23T20:33:54+00:00",
"revision_history": [
{
"date": "2020-07-23T20:33:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-23T20:33:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:29:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product": {
"name": "Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.1-7.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.1-7.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.1-7.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.1-7.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.1-7.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.1-7.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.1-7.GA_redhat_00004.1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.1-7.GA_redhat_00004.1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-naming-client@1.0.13-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.21-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.33-2.SP1_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"product": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"product_id": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.1-7.GA_redhat_00004.1.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src"
},
"product_reference": "eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.3 for BaseOS-8",
"product_id": "8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:33:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3141"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:33:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3141"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-23T20:33:54+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nFor details about how to apply this update, see:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3141"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.33-2.SP1_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-0:7.3.1-7.GA_redhat_00004.1.el8.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.21-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-modules-0:7.3.1-7.GA_redhat_00004.1.el8.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.3:eap7-wildfly-naming-client-0:1.0.13-1.Final_redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3464
Vulnerability from csaf_redhat
Published
2020-08-17 13:25
Modified
2024-11-05 22:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3464",
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-19095",
"url": "https://issues.redhat.com/browse/JBEAP-19095"
},
{
"category": "external",
"summary": "JBEAP-19134",
"url": "https://issues.redhat.com/browse/JBEAP-19134"
},
{
"category": "external",
"summary": "JBEAP-19185",
"url": "https://issues.redhat.com/browse/JBEAP-19185"
},
{
"category": "external",
"summary": "JBEAP-19203",
"url": "https://issues.redhat.com/browse/JBEAP-19203"
},
{
"category": "external",
"summary": "JBEAP-19269",
"url": "https://issues.redhat.com/browse/JBEAP-19269"
},
{
"category": "external",
"summary": "JBEAP-19322",
"url": "https://issues.redhat.com/browse/JBEAP-19322"
},
{
"category": "external",
"summary": "JBEAP-19325",
"url": "https://issues.redhat.com/browse/JBEAP-19325"
},
{
"category": "external",
"summary": "JBEAP-19397",
"url": "https://issues.redhat.com/browse/JBEAP-19397"
},
{
"category": "external",
"summary": "JBEAP-19529",
"url": "https://issues.redhat.com/browse/JBEAP-19529"
},
{
"category": "external",
"summary": "JBEAP-19564",
"url": "https://issues.redhat.com/browse/JBEAP-19564"
},
{
"category": "external",
"summary": "JBEAP-19585",
"url": "https://issues.redhat.com/browse/JBEAP-19585"
},
{
"category": "external",
"summary": "JBEAP-19617",
"url": "https://issues.redhat.com/browse/JBEAP-19617"
},
{
"category": "external",
"summary": "JBEAP-19619",
"url": "https://issues.redhat.com/browse/JBEAP-19619"
},
{
"category": "external",
"summary": "JBEAP-19673",
"url": "https://issues.redhat.com/browse/JBEAP-19673"
},
{
"category": "external",
"summary": "JBEAP-19674",
"url": "https://issues.redhat.com/browse/JBEAP-19674"
},
{
"category": "external",
"summary": "JBEAP-19874",
"url": "https://issues.redhat.com/browse/JBEAP-19874"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3464.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:38:41+00:00",
"generator": {
"date": "2024-11-05T22:38:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3464",
"initial_release_date": "2020-08-17T13:25:19+00:00",
"revision_history": [
{
"date": "2020-08-17T13:25:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-17T13:25:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:38:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:25:19+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3642
Vulnerability from csaf_redhat
Published
2020-09-07 13:05
Modified
2024-11-05 22:40
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)
* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
• wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat JBoss Enterprise Application Platform 7.2.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jsf-impl: Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)\n\n* resteasy-jaxrs: resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n\u2022 wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jboss-ejb-client: wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* jboss-ejb-client: wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3642",
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-18366",
"url": "https://issues.redhat.com/browse/JBEAP-18366"
},
{
"category": "external",
"summary": "JBEAP-18667",
"url": "https://issues.redhat.com/browse/JBEAP-18667"
},
{
"category": "external",
"summary": "JBEAP-18849",
"url": "https://issues.redhat.com/browse/JBEAP-18849"
},
{
"category": "external",
"summary": "JBEAP-18880",
"url": "https://issues.redhat.com/browse/JBEAP-18880"
},
{
"category": "external",
"summary": "JBEAP-18906",
"url": "https://issues.redhat.com/browse/JBEAP-18906"
},
{
"category": "external",
"summary": "JBEAP-18919",
"url": "https://issues.redhat.com/browse/JBEAP-18919"
},
{
"category": "external",
"summary": "JBEAP-18965",
"url": "https://issues.redhat.com/browse/JBEAP-18965"
},
{
"category": "external",
"summary": "JBEAP-19058",
"url": "https://issues.redhat.com/browse/JBEAP-19058"
},
{
"category": "external",
"summary": "JBEAP-19120",
"url": "https://issues.redhat.com/browse/JBEAP-19120"
},
{
"category": "external",
"summary": "JBEAP-19255",
"url": "https://issues.redhat.com/browse/JBEAP-19255"
},
{
"category": "external",
"summary": "JBEAP-19271",
"url": "https://issues.redhat.com/browse/JBEAP-19271"
},
{
"category": "external",
"summary": "JBEAP-19315",
"url": "https://issues.redhat.com/browse/JBEAP-19315"
},
{
"category": "external",
"summary": "JBEAP-19463",
"url": "https://issues.redhat.com/browse/JBEAP-19463"
},
{
"category": "external",
"summary": "JBEAP-19565",
"url": "https://issues.redhat.com/browse/JBEAP-19565"
},
{
"category": "external",
"summary": "JBEAP-19587",
"url": "https://issues.redhat.com/browse/JBEAP-19587"
},
{
"category": "external",
"summary": "JBEAP-19620",
"url": "https://issues.redhat.com/browse/JBEAP-19620"
},
{
"category": "external",
"summary": "JBEAP-19624",
"url": "https://issues.redhat.com/browse/JBEAP-19624"
},
{
"category": "external",
"summary": "JBEAP-19703",
"url": "https://issues.redhat.com/browse/JBEAP-19703"
},
{
"category": "external",
"summary": "JBEAP-19704",
"url": "https://issues.redhat.com/browse/JBEAP-19704"
},
{
"category": "external",
"summary": "JBEAP-19798",
"url": "https://issues.redhat.com/browse/JBEAP-19798"
},
{
"category": "external",
"summary": "JBEAP-19837",
"url": "https://issues.redhat.com/browse/JBEAP-19837"
},
{
"category": "external",
"summary": "JBEAP-19875",
"url": "https://issues.redhat.com/browse/JBEAP-19875"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3642.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 security update",
"tracking": {
"current_release_date": "2024-11-05T22:40:39+00:00",
"generator": {
"date": "2024-11-05T22:40:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3642",
"initial_release_date": "2020-09-07T13:05:33+00:00",
"revision_history": [
{
"date": "2020-09-07T13:05:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-07T13:05:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:40:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"acknowledgments": [
{
"names": [
"Mirko Selber"
],
"organization": "Compass Security"
}
],
"cve": "CVE-2020-1695",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-07-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1730462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server\u0027s response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1695"
},
{
"category": "external",
"summary": "RHBZ#1730462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1695",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"acknowledgments": [
{
"names": [
"An Trinh"
]
}
],
"cve": "CVE-2020-6950",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805006"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Mojarra before version 2.3.14, where it is vulnerable to a path traversal flaw via the loc parameter or the con parameter. An attacker could exploit this flaw to read arbitrary files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6950"
},
{
"category": "external",
"summary": "RHBZ#1805006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805006"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6950"
},
{
"category": "external",
"summary": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943",
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741",
"url": "https://github.com/eclipse-ee4j/mojarra/commit/cefbb9447e7be560e59da2da6bd7cb93776f7741"
},
{
"category": "external",
"summary": "https://github.com/eclipse-ee4j/mojarra/issues/4571",
"url": "https://github.com/eclipse-ee4j/mojarra/issues/4571"
},
{
"category": "external",
"summary": "https://github.com/javaserverfaces/mojarra/issues/4364",
"url": "https://github.com/javaserverfaces/mojarra/issues/4364"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371"
},
{
"cve": "CVE-2020-8840",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8840"
},
{
"category": "external",
"summary": "RHBZ#1816330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking"
},
{
"cve": "CVE-2020-9546",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in shaded-hikari-config",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9546"
},
{
"category": "external",
"summary": "RHBZ#1816332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in shaded-hikari-config"
},
{
"cve": "CVE-2020-9547",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816337"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in ibatis-sqlmap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9547"
},
{
"category": "external",
"summary": "RHBZ#1816337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in ibatis-sqlmap"
},
{
"cve": "CVE-2020-9548",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in anteros-core",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9548"
},
{
"category": "external",
"summary": "RHBZ#1816340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in anteros-core"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-07T13:05:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3501
Vulnerability from csaf_redhat
Published
2020-08-18 16:34
Modified
2024-11-05 22:39
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.4.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body (CVE-2020-10758)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)
* keycloak: security headers missing on REST endpoints (CVE-2020-1728)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.4.2 serves as a replacement for Red Hat Single Sign-On 7.4.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body (CVE-2020-10758)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* keycloak: security headers missing on REST endpoints (CVE-2020-1728)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3501",
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1800585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1800585"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1843849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3501.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.4.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:39:57+00:00",
"generator": {
"date": "2024-11-05T22:39:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3501",
"initial_release_date": "2020-08-18T16:34:33+00:00",
"revision_history": [
{
"date": "2020-08-18T16:34:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-18T16:34:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:39:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.4.2",
"product": {
"name": "Red Hat Single Sign-On 7.4.2",
"product_id": "Red Hat Single Sign-On 7.4.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1728",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-02-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1800585"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak\u2019s Admin Console, where it is missing HTTP security headers in HTTP responses. This issue is not a direct vulnerability and may not lead to a security issue, but increases the chances of allowing attackers to exploit other security flaws. Examples of these possible exploits are servers being prone to clickjacking, channel downgrade attacks, and other similar client-based attack vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: security headers missing on REST endpoints",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1728"
},
{
"category": "external",
"summary": "RHBZ#1800585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1800585"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1728"
}
],
"release_date": "2019-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: security headers missing on REST endpoints"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"acknowledgments": [
{
"names": [
"Matt Hamilton"
],
"organization": "Soluble.ai"
}
],
"cve": "CVE-2020-10758",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1843849"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10758"
},
{
"category": "external",
"summary": "RHBZ#1843849",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10758",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10758"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10758",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10758"
}
],
"release_date": "2020-08-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"category": "workaround",
"details": "- The possibility of this issue largely depends on the environment, specifically the load balancer or reverse proxies between the client and the server. The issue occurs when there is no load balancer in place.\n\n- Proper tuning of HTTP request timeout and keycloak database max pool size can mitigate this issue :\nbin/jboss-cli.sh --connect --commands=\u0027/subsystem=transactions:write-attribute(name=default-timeout,value=30),/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=read-timeout,value=30000),/subsystem=undertow/server=default-server/https-listener=https/:write-attribute(name=read-timeout,value=30000),/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=max-pool-size,value=100),reload\u0027",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.4.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T16:34:33+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.4.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Single Sign-On 7.4.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3817
Vulnerability from csaf_redhat
Published
2020-09-23 09:02
Modified
2024-11-05 22:43
Summary
Red Hat Security Advisory: AMQ Clients 2.8.0 Release
Notes
Topic
An update is now available for Red Hat AMQ Clients 2.8.0.
Red Hat Product Security has rated this update as having a Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.
This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.
Security Fix(es):
* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)
* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat AMQ Clients 2.8.0.\n\nRed Hat Product Security has rated this update as having a Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7.\n\nThis update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\n* wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service (CVE-2020-14307)\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3817",
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_amq",
"url": "https://access.redhat.com/documentation/en-us/red_hat_amq"
},
{
"category": "external",
"summary": "1821315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821315"
},
{
"category": "external",
"summary": "1831139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139"
},
{
"category": "external",
"summary": "1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "ENTMQCL-1987",
"url": "https://issues.redhat.com/browse/ENTMQCL-1987"
},
{
"category": "external",
"summary": "ENTMQCL-1988",
"url": "https://issues.redhat.com/browse/ENTMQCL-1988"
},
{
"category": "external",
"summary": "ENTMQCL-2070",
"url": "https://issues.redhat.com/browse/ENTMQCL-2070"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3817.json"
}
],
"title": "Red Hat Security Advisory: AMQ Clients 2.8.0 Release",
"tracking": {
"current_release_date": "2024-11-05T22:43:24+00:00",
"generator": {
"date": "2024-11-05T22:43:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3817",
"initial_release_date": "2020-09-23T09:02:39+00:00",
"revision_history": [
{
"date": "2020-09-23T09:02:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-23T09:02:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:43:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat AMQ Clients 2",
"product": {
"name": "Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:a_mq_clients:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat AMQ Clients"
},
{
"branches": [
{
"category": "product_version",
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"product": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"product_id": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton@0.32.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"product": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"product_id": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.32.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"product": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"product_id": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.32.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"product": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"product_id": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp@0.32.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"product": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"product_id": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-devel@0.32.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"product": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"product_id": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.32.0-1.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"product_id": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"product_id": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"product_id": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"product_id": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"product_id": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-devel@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.32.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"product": {
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"product_id": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client@1.36.0-31.el6_10amq?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"product": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"product_id": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client-devel@1.36.0-31.el6_10amq?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"product": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"product_id": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-debuginfo@1.36.0-31.el6_10amq?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"product": {
"name": "python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"product_id": "python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-c-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-c-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-devel@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"product": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"product_id": "rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.32.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"product": {
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"product_id": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"product": {
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"product_id": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"product_id": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"product": {
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"product_id": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"product": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"product_id": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-devel@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"product": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"product_id": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.32.0-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"product": {
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"product_id": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client@1.36.0-31.el7amq?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"product": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"product_id": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client-devel@1.36.0-31.el7amq?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"product": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"product_id": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-debuginfo@1.36.0-31.el7amq?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"product": {
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"product_id": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton-docs@0.32.0-1.el6_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"product_id": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.32.0-1.el6_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"product": {
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"product_id": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-docs@0.32.0-1.el6_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"product": {
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"product_id": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-tests@0.32.0-1.el6_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"product": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"product_id": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client-docs@1.36.0-31.el6_10amq?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "nodejs-rhea-0:1.0.24-1.el8.noarch",
"product": {
"name": "nodejs-rhea-0:1.0.24-1.el8.noarch",
"product_id": "nodejs-rhea-0:1.0.24-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-rhea@1.0.24-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"product": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"product_id": "python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton-docs@0.32.0-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"product_id": "qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.32.0-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"product": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"product_id": "qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-docs@0.32.0-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-tests-0:0.32.0-2.el8.noarch",
"product": {
"name": "qpid-proton-tests-0:0.32.0-2.el8.noarch",
"product_id": "qpid-proton-tests-0:0.32.0-2.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-tests@0.32.0-2.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"product": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"product_id": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qpid-proton-docs@0.32.0-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"product_id": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.32.0-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"product": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"product_id": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-docs@0.32.0-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"product": {
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"product_id": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-tests@0.32.0-2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"product": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"product_id": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp-client-docs@1.36.0-31.el7amq?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "qpid-proton-0:0.32.0-1.el6_10.src",
"product": {
"name": "qpid-proton-0:0.32.0-1.el6_10.src",
"product_id": "qpid-proton-0:0.32.0-1.el6_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.32.0-1.el6_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"product": {
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"product_id": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp@1.36.0-31.el6_10amq?arch=src"
}
}
},
{
"category": "product_version",
"name": "nodejs-rhea-0:1.0.24-1.el8.src",
"product": {
"name": "nodejs-rhea-0:1.0.24-1.el8.src",
"product_id": "nodejs-rhea-0:1.0.24-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/nodejs-rhea@1.0.24-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.32.0-2.el8.src",
"product": {
"name": "qpid-proton-0:0.32.0-2.el8.src",
"product_id": "qpid-proton-0:0.32.0-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.32.0-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.32.0-2.el7.src",
"product": {
"name": "qpid-proton-0:0.32.0-2.el7.src",
"product_id": "qpid-proton-0:0.32.0-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.32.0-2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-cpp-0:1.36.0-31.el7amq.src",
"product": {
"name": "qpid-cpp-0:1.36.0-31.el7amq.src",
"product_id": "qpid-cpp-0:1.36.0-31.el7amq.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-cpp@1.36.0-31.el7amq?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-1.el6_10.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src"
},
"product_reference": "qpid-proton-0:0.32.0-1.el6_10.src",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-1.el6_10.src as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src"
},
"product_reference": "qpid-proton-0:0.32.0-1.el6_10.src",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-1.el6_10.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src"
},
"product_reference": "qpid-proton-0:0.32.0-1.el6_10.src",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el6_10amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el6_10amq.src",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-1.el6_10.src as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src"
},
"product_reference": "qpid-proton-0:0.32.0-1.el6_10.src",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"relates_to_product_reference": "6Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el7amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el7amq.src",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-2.el7.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src"
},
"product_reference": "qpid-proton-0:0.32.0-2.el7.src",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Client-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el7amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el7amq.src",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-2.el7.src as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src"
},
"product_reference": "qpid-proton-0:0.32.0-2.el7.src",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el7amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el7amq.src",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-2.el7.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src"
},
"product_reference": "qpid-proton-0:0.32.0-2.el7.src",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Server-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "python-qpid-proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-0:1.36.0-31.el7amq.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src"
},
"product_reference": "qpid-cpp-0:1.36.0-31.el7amq.src",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch"
},
"product_reference": "qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64"
},
"product_reference": "qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-2.el7.src as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src"
},
"product_reference": "qpid-proton-0:0.32.0-2.el7.src",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-2.el7.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-2.el7.noarch",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"relates_to_product_reference": "7Workstation-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-rhea-0:1.0.24-1.el8.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch"
},
"product_reference": "nodejs-rhea-0:1.0.24-1.el8.noarch",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-rhea-0:1.0.24-1.el8.src as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src"
},
"product_reference": "nodejs-rhea-0:1.0.24-1.el8.src",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qpid-proton-docs-0:0.32.0-2.el8.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch"
},
"product_reference": "python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64"
},
"product_reference": "python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.32.0-2.el8.src as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src"
},
"product_reference": "qpid-proton-0:0.32.0-2.el8.src",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-c-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.32.0-2.el8.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch"
},
"product_reference": "qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-tests-0:0.32.0-2.el8.noarch as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch"
},
"product_reference": "qpid-proton-tests-0:0.32.0-2.el8.noarch",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64 as a component of Red Hat AMQ Clients 2",
"product_id": "8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-AMQ-Clients-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-9488",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-04-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1831139"
}
],
"notes": [
{
"category": "description",
"text": "Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "log4j: improper validation of certificate with host mismatch in SMTP appender",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9488"
},
{
"category": "external",
"summary": "RHBZ#1831139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488"
}
],
"release_date": "2020-04-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-23T09:02:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
},
{
"category": "workaround",
"details": "Previous versions can set the system property mail.smtp.ssl.checkserveridentity to true to globally enable hostname verification for SMTPS connections.",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "log4j: improper validation of certificate with host mismatch in SMTP appender"
},
{
"cve": "CVE-2020-11113",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1821315"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11113"
},
{
"category": "external",
"summary": "RHBZ#1821315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821315"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11113"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2670",
"url": "https://github.com/FasterXML/jackson-databind/issues/2670"
}
],
"release_date": "2020-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-23T09:02:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-23T09:02:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-23T09:02:39+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el6_10amq.src",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el6_10amq.noarch",
"6Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el6_10amq.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-1.el6_10.src",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-1.el6_10.noarch",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.i686",
"6Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-1.el6_10.x86_64",
"6Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-1.el6_10.noarch",
"7Client-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Client-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Client-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Client-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Client-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Client-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7ComputeNode-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7ComputeNode-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Server-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Server-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Server-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Server-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Server-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-0:1.36.0-31.el7amq.src",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-devel-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-cpp-client-docs-0:1.36.0-31.el7amq.noarch",
"7Workstation-AMQ-Clients-2:qpid-cpp-debuginfo-0:1.36.0-31.el7amq.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el7.src",
"7Workstation-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el7.x86_64",
"7Workstation-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el7.noarch",
"7Workstation-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el7.x86_64",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.noarch",
"8Base-AMQ-Clients-2:nodejs-rhea-0:1.0.24-1.el8.src",
"8Base-AMQ-Clients-2:python-qpid-proton-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:python3-qpid-proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:python3-qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-0:0.32.0-2.el8.src",
"8Base-AMQ-Clients-2:qpid-proton-c-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-c-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-cpp-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-devel-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-cpp-docs-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:qpid-proton-debuginfo-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-debugsource-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:qpid-proton-tests-0:0.32.0-2.el8.noarch",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-0:0.32.0-2.el8.x86_64",
"8Base-AMQ-Clients-2:rubygem-qpid_proton-debuginfo-0:0.32.0-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
rhsa-2020_3461
Vulnerability from csaf_redhat
Published
2020-08-17 13:28
Modified
2024-11-05 22:38
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.3.2 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.1, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.2 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API (CVE-2020-10718)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* wildfly-undertow: Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests (CVE-2020-10687)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* hibernate-core: hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* wildfly: unsafe deserialization in Wildfly Enterprise Java Beans (CVE-2020-10740)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* undertow: EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly: Some EJB transaction objects may get accumulated causing Denial of Service (CVE-2020-14297)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, see the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3461",
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "JBEAP-19095",
"url": "https://issues.redhat.com/browse/JBEAP-19095"
},
{
"category": "external",
"summary": "JBEAP-19134",
"url": "https://issues.redhat.com/browse/JBEAP-19134"
},
{
"category": "external",
"summary": "JBEAP-19185",
"url": "https://issues.redhat.com/browse/JBEAP-19185"
},
{
"category": "external",
"summary": "JBEAP-19203",
"url": "https://issues.redhat.com/browse/JBEAP-19203"
},
{
"category": "external",
"summary": "JBEAP-19269",
"url": "https://issues.redhat.com/browse/JBEAP-19269"
},
{
"category": "external",
"summary": "JBEAP-19322",
"url": "https://issues.redhat.com/browse/JBEAP-19322"
},
{
"category": "external",
"summary": "JBEAP-19325",
"url": "https://issues.redhat.com/browse/JBEAP-19325"
},
{
"category": "external",
"summary": "JBEAP-19397",
"url": "https://issues.redhat.com/browse/JBEAP-19397"
},
{
"category": "external",
"summary": "JBEAP-19409",
"url": "https://issues.redhat.com/browse/JBEAP-19409"
},
{
"category": "external",
"summary": "JBEAP-19529",
"url": "https://issues.redhat.com/browse/JBEAP-19529"
},
{
"category": "external",
"summary": "JBEAP-19564",
"url": "https://issues.redhat.com/browse/JBEAP-19564"
},
{
"category": "external",
"summary": "JBEAP-19585",
"url": "https://issues.redhat.com/browse/JBEAP-19585"
},
{
"category": "external",
"summary": "JBEAP-19617",
"url": "https://issues.redhat.com/browse/JBEAP-19617"
},
{
"category": "external",
"summary": "JBEAP-19619",
"url": "https://issues.redhat.com/browse/JBEAP-19619"
},
{
"category": "external",
"summary": "JBEAP-19673",
"url": "https://issues.redhat.com/browse/JBEAP-19673"
},
{
"category": "external",
"summary": "JBEAP-19674",
"url": "https://issues.redhat.com/browse/JBEAP-19674"
},
{
"category": "external",
"summary": "JBEAP-19874",
"url": "https://issues.redhat.com/browse/JBEAP-19874"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3461.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.2 security update",
"tracking": {
"current_release_date": "2024-11-05T22:38:01+00:00",
"generator": {
"date": "2024-11-05T22:38:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2020:3461",
"initial_release_date": "2020-08-17T13:28:01+00:00",
"revision_history": [
{
"date": "2020-08-17T13:28:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-17T13:28:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T22:38:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.6.2-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.6.2-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.8-1.SP1_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-glassfish-jsf@2.3.9-11.SP11_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-4.SP04_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty@4.1.48-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-netty-all@4.1.48-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.7-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.7-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.2.9-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.4.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-common@1.5.2-1.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.3-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.17-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.20-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.20-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.30-4.SP4_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.10.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.1-7.Final_redhat_00009.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.22-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.3.2-4.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.2-4.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.2-4.GA_redhat_00002.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.3"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2020-1710",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2019-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: field-name is not parsed in accordance to RFC7230",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1710"
},
{
"category": "external",
"summary": "RHBZ#1793970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1710"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "EAP: field-name is not parsed in accordance to RFC7230"
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-10672",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815495"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10672"
},
{
"category": "external",
"summary": "RHBZ#1815495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672"
}
],
"release_date": "2020-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"cve": "CVE-2020-10673",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1815470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10673"
},
{
"category": "external",
"summary": "RHBZ#1815470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673"
}
],
"release_date": "2020-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Aaron Ogburn"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10687",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-06-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1785049"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10687"
},
{
"category": "external",
"summary": "RHBZ#1785049",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785049"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10687",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10687"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10687"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
},
{
"acknowledgments": [
{
"names": [
"James R. Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10718",
"cwe": {
"id": "CWE-749",
"name": "Exposed Dangerous Method or Function"
},
"discovery_date": "2020-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828476"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10718"
},
{
"category": "external",
"summary": "RHBZ#1828476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10718",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10718"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: exposed setting of TCCL via the EmbeddedManagedProcess API"
},
{
"acknowledgments": [
{
"names": [
"Moritz Bechler"
],
"organization": "SySS GmbH"
}
],
"cve": "CVE-2020-10740",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-03-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834512"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly. A remote deserialization attack is possible in the Enterprise Application Beans (EJB) due to lack of validation/filtering capabilities in wildfly. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availablity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10740"
},
{
"category": "external",
"summary": "RHBZ#1834512",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834512"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10740",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10740"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10740"
}
],
"release_date": "2020-06-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"category": "workaround",
"details": "There is currently no known mitigation for this issue.",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wildfly: unsafe deserialization in Wildfly Enterprise Java Beans"
},
{
"cve": "CVE-2020-11612",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-03-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816216"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch"
],
"known_not_affected": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11612"
},
{
"category": "external",
"summary": "RHBZ#1816216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612"
}
],
"release_date": "2020-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes"
},
{
"cve": "CVE-2020-14297",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853595"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly\u0027s EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14297"
},
{
"category": "external",
"summary": "RHBZ#1853595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853595"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14297",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14297"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14297"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Some EJB transaction objects may get accumulated causing Denial of Service"
},
{
"cve": "CVE-2020-14307",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"discovery_date": "2020-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851327"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"category": "external",
"summary": "RHBZ#1851327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14307",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
}
],
"release_date": "2020-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-17T13:28:01+00:00",
"details": "Before applying this update, ensure all previously released errata relevant to your system have been applied.\n\nFor details about how to apply this update, see:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-dom4j-0:2.1.3-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-elytron-web-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-glassfish-jsf-0:2.3.9-11.SP11_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hal-console-0:3.2.9-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-0:5.3.17-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-core-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-entitymanager-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-envers-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-java8-0:5.3.17-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-hibernate-validator-0:6.0.20-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-hibernate-validator-cdi-0:6.0.20-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-0:9.4.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-jdbc-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-cachestore-remote-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-client-hotrod-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-core-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-commons-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-spi-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-infinispan-hibernate-cache-v53-0:9.4.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-0:1.4.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.4.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-annotations-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-core-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-databind-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jdk8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-datatype-jsr310-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-json-provider-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-jaxrs-providers-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-module-jaxb-annotations-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-base-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jackson-modules-java8-0:2.10.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-genericjms-0:2.0.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-4.SP04_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-logmanager-0:2.1.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.1-7.Final_redhat_00009.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.1-7.Final_redhat_00009.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-jboss-xnio-base-0:3.7.8-1.SP1_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-netty-0:4.1.48-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-netty-all-0:4.1.48-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-undertow-0:2.0.30-4.SP4_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-undertow-server-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-0:7.3.2-4.GA_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-common-0:1.5.2-1.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.7-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.7-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.3:eap7-wildfly-http-client-common-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-ejb-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-naming-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-http-transaction-client-0:1.0.22-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.2-4.GA_redhat_00002.1.el6eap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service"
}
]
}
ghsa-q562-x7c7-5fc9
Vulnerability from github
Published
2022-05-24 17:24
Modified
2022-10-07 18:15
Severity ?
Details
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.
{
"affected": [],
"aliases": [
"CVE-2020-14307"
],
"database_specific": {
"cwe_ids": [
"CWE-404"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-07-24T16:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"id": "GHSA-q562-x7c7-5fc9",
"modified": "2022-10-07T18:15:55Z",
"published": "2022-05-24T17:24:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14307"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851327"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2020-14307"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3817"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3642"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3639"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3638"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3637"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3539"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3501"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3464"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3463"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3462"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3461"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3144"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3143"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3142"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:3141"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2020-14307
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-14307",
"description": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"id": "GSD-2020-14307",
"references": [
"https://access.redhat.com/errata/RHSA-2020:3817",
"https://access.redhat.com/errata/RHSA-2020:3642",
"https://access.redhat.com/errata/RHSA-2020:3639",
"https://access.redhat.com/errata/RHSA-2020:3638",
"https://access.redhat.com/errata/RHSA-2020:3637",
"https://access.redhat.com/errata/RHSA-2020:3539",
"https://access.redhat.com/errata/RHSA-2020:3501",
"https://access.redhat.com/errata/RHSA-2020:3464",
"https://access.redhat.com/errata/RHSA-2020:3463",
"https://access.redhat.com/errata/RHSA-2020:3462",
"https://access.redhat.com/errata/RHSA-2020:3461",
"https://access.redhat.com/errata/RHSA-2020:3144",
"https://access.redhat.com/errata/RHSA-2020:3143",
"https://access.redhat.com/errata/RHSA-2020:3142",
"https://access.redhat.com/errata/RHSA-2020:3141"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-14307"
],
"details": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.",
"id": "GSD-2020-14307",
"modified": "2023-12-13T01:22:00.448490Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wildfly",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "jboss-ejb-client versions shipped with Red Hat JBoss EAP 7"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-404",
"lang": "eng",
"value": "CWE-404"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:amq:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14307"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability was found in Wildfly\u0027s Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-02-12T23:39Z",
"publishedDate": "2020-07-24T16:15Z"
}
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.