rhsa-2021_5150
Vulnerability from csaf_redhat
Published
2021-12-15 14:38
Modified
2024-11-15 10:42
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 7
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)
* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)
* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)
* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)
* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)
* resteasy: Error message exposes endpoint class information (CVE-2021-20289)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat JBoss Enterprise Application Platform 7.3.10 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.9, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.10 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* undertow: potential security issue in flow control over HTTP/2 may lead to DOS (CVE-2021-3629)\n\n* wildfly-elytron: possible timing attack in ScramServer (CVE-2021-3642)\n\n* wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users (CVE-2021-3717)\n\n* jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck (CVE-2021-37714)\n\n* xml-security: XPath Transform abuse allows for information disclosure (CVE-2021-40690)\n\n* resteasy: Error message exposes endpoint class information (CVE-2021-20289)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:5150", "url": "https://access.redhat.com/errata/RHSA-2021:5150" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/" }, { "category": "external", "summary": "1935927", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935927" }, { "category": "external", "summary": "1977362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362" }, { "category": "external", "summary": "1981407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407" }, { "category": "external", "summary": "1991305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305" }, { "category": "external", "summary": "1995259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995259" }, { "category": "external", "summary": "2011190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190" }, { "category": "external", "summary": "JBEAP-22144", "url": "https://issues.redhat.com/browse/JBEAP-22144" }, { "category": "external", "summary": "JBEAP-22314", "url": "https://issues.redhat.com/browse/JBEAP-22314" }, { "category": "external", "summary": "JBEAP-22332", "url": "https://issues.redhat.com/browse/JBEAP-22332" }, { "category": "external", "summary": "JBEAP-22343", "url": "https://issues.redhat.com/browse/JBEAP-22343" }, { "category": "external", "summary": "JBEAP-22363", "url": "https://issues.redhat.com/browse/JBEAP-22363" }, { "category": "external", "summary": "JBEAP-22490", "url": "https://issues.redhat.com/browse/JBEAP-22490" }, { "category": "external", "summary": "JBEAP-22501", "url": "https://issues.redhat.com/browse/JBEAP-22501" }, { "category": "external", "summary": "JBEAP-22523", "url": "https://issues.redhat.com/browse/JBEAP-22523" }, { "category": "external", "summary": "JBEAP-22734", "url": "https://issues.redhat.com/browse/JBEAP-22734" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_5150.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.10 security update on RHEL 7", "tracking": { "current_release_date": "2024-11-15T10:42:39+00:00", "generator": { "date": "2024-11-15T10:42:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:5150", "initial_release_date": "2021-12-15T14:38:03+00:00", "revision_history": [ { "date": "2021-12-15T14:38:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-12-15T14:38:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T10:42:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.15-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.43-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src", "product_id": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.1.7-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.5-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "product_id": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.2.7-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "product_id": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.12-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.41-1.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "product": { "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "product_id": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.14.2-1.redhat_00002.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "product": { "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "product_id": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jakarta-el@3.0.3-3.redhat_00007.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "product_id": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-10.Final_redhat_00011.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "product": { "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "product_id": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.10-2.GA_redhat_00003.1.el7eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.10.15-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.10.15-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.43-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xml-security@2.1.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.11.5-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-bindings@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-policy@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.2.7-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf@3.3.12-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.3.12-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.3.12-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.3.12-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow@2.0.41-1.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "product_id": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.14.2-1.redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "product": { "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "product_id": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jakarta-el@3.0.3-3.redhat_00007.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-10.Final_redhat_00011.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.3-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.3.10-2.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.10-2.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.10-2.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.10-2.GA_redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_id": "eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.3.10-2.GA_redhat_00003.1.el7eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch" }, "product_reference": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src" }, "product_reference": "eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src" }, "product_reference": "eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src" }, "product_reference": "eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.3" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.3 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-3629", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-04-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1977362" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3629" }, { "category": "external", "summary": "RHBZ#1977362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977362" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3629", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3629" } ], "release_date": "2021-03-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: potential security issue in flow control over HTTP/2 may lead to DOS" }, { "cve": "CVE-2021-3642", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2021-06-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1981407" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: possible timing attack in ScramServer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3642" }, { "category": "external", "summary": "RHBZ#1981407", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1981407" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3642", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3642" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3642" } ], "release_date": "2021-06-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: possible timing attack in ScramServer" }, { "cve": "CVE-2021-3717", "cwe": { "id": "CWE-552", "name": "Files or Directories Accessible to External Parties" }, "discovery_date": "2021-07-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1991305" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly. An incorrect JBOSS_LOCAL_USER challenge location when using the elytron configuration may lead to JBOSS_LOCAL_USER access to all users on the machine. The highest threat from this vulnerability is to confidentiality, integrity, and availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3717" }, { "category": "external", "summary": "RHBZ#1991305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1991305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3717", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3717" } ], "release_date": "2021-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly: incorrect JBOSS_LOCAL_USER challenge location may lead to giving access to all the local users" }, { "acknowledgments": [ { "names": [ "Dirk Papenberg" ], "organization": "NTT DATA Germany" } ], "cve": "CVE-2021-20289", "cwe": { "id": "CWE-209", "name": "Generation of Error Message Containing Sensitive Information" }, "discovery_date": "2021-03-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1935927" } ], "notes": [ { "category": "description", "text": "A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method\u0027s parameter value. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Error message exposes endpoint class information", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20289" }, { "category": "external", "summary": "RHBZ#1935927", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1935927" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20289", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20289" } ], "release_date": "2021-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "resteasy: Error message exposes endpoint class information" }, { "cve": "CVE-2021-37714", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2021-08-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1995259" } ], "notes": [ { "category": "description", "text": "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37714" }, { "category": "external", "summary": "RHBZ#1995259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37714", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37714" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37714", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37714" }, { "category": "external", "summary": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", "url": "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c" } ], "release_date": "2021-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck" }, { "cve": "CVE-2021-40690", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2021-09-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2011190" } ], "notes": [ { "category": "description", "text": "All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the \"secureValidation\" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security: XPath Transform abuse allows for information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "Since OpenShift Container Platform (OCP) 4.7, the logging-elasticsearch6-container is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-40690" }, { "category": "external", "summary": "RHBZ#2011190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2011190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-40690", "url": "https://www.cve.org/CVERecord?id=CVE-2021-40690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40690" }, { "category": "external", "summary": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E", "url": "https://lists.apache.org/thread.html/r8848751b6a5dd78cc9e99d627e74fecfaffdfa1bb615dce827aad633%40%3Cdev.santuario.apache.org%3E" } ], "release_date": "2021-09-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-12-15T14:38:03+00:00", "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:5150" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-0:3.3.12-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-apache-cxf-rt-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-services-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-apache-cxf-tools-0:3.3.12-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-0:1.5.3-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-ironjacamar-common-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-common-spi-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-api-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-core-impl-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-deployers-common-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-jdbc-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-ironjacamar-validator-0:1.5.3-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jakarta-el-0:3.0.3-3.redhat_00007.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-ejb-client-0:4.0.43-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-0:1.7.2-10.Final_redhat_00011.1.el7eap.src", "7Server-JBEAP-7.3:eap7-jboss-server-migration-cli-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-core-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-10.Final_redhat_00011.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-jsoup-0:1.14.2-1.redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-0:3.11.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-resteasy-atom-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-cdi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-client-microprofile-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-crypto-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jackson2-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxb-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jaxrs-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jettison-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jose-jwt-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-jsapi-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-binding-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-json-p-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-multipart-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-rxjava2-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-spring-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-validator-provider-11-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-resteasy-yaml-provider-0:3.11.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-undertow-0:2.0.41-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-0:7.3.10-2.GA_redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-elytron-0:1.10.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wildfly-elytron-tool-0:1.10.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk11-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-java-jdk8-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-javadocs-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wildfly-modules-0:7.3.10-2.GA_redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-0:2.2.7-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3:eap7-wss4j-bindings-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-policy-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-common-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-dom-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-policy-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-wss4j-ws-security-stax-0:2.2.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3:eap7-xml-security-0:2.1.7-1.redhat_00001.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security: XPath Transform abuse allows for information disclosure" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.