ID CVE-2019-9514
Summary Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
References
Vulnerable Configurations
  • cpe:2.3:a:apple:swiftnio:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apple:swiftnio:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:apple:swiftnio:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.1:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.1:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.2:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.2:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:6.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:6.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.1:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.1:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc3:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc3:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.2:rc4:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.2:rc4:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.3:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.3:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.4:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.4:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.4:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.4:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:7.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:7.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:rc0:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:rc0:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.0:rc4:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.0:rc4:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:apache:traffic_server:8.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:apache:traffic_server:8.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*
    cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
    cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*
  • cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
    cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*
  • cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*
    cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_service_mesh:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:single_sign-on:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:oracle:graalvm:19.2.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.19:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.21:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.7.2.23:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.7.2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:7.8.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:7.8.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:web_gateway:8.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:web_gateway:8.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:trident:-:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:-:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.2:-:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:11.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:-:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:-:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.2:hotfix1:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:12.1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:13.1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.79.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.79.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.97.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.97.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.99.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.3.0.99.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.36.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.36.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.40.5:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.5.0.40.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.11.9:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.14.9:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.14.9:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.68.9:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.68.9:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.70.9:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0.6.0.70.9:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2-0.0.37:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2-0.0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2-0.89.37:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2-0.89.37:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.11.37:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.11.37:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.18.37:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.18.37:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.32.37:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.2.0.32.37:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.0.33.11:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.0.33.11:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.0.48.11:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.0.48.11:*:*:*:*:*:*:*
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.1.1:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 09-12-2020 - 00:15)
Impact:
Exploitability:
CWE CWE-770
CAPEC
  • XML Attribute Blowup
    This attack exploits certain XML parsers which manage data in an inefficient manner. The attacker crafts an XML document with many attributes in the same XML node. In a vulnerable parser, this results in a denial of service condition owhere CPU resources are exhausted because of the parsing algorithm.
  • HTTP DoS
    An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.
  • HTTP Flood
    An adversary may execute a flooding attack using the HTTP protocol with the intent to deny legitimate users access to a service by consuming resources at the application layer such as web services and their infrastructure. These attacks use legitimate session-based HTTP GET requests designed to consume large amounts of a server's resources. Since these are legitimate sessions this attack is very difficult to detect.
  • ICMP Flood
    An adversary may execute a flooding attack using the ICMP protocol with the intent to deny legitimate users access to a service by consuming the available network bandwidth. A typical attack involves a victim server receiving ICMP packets at a high rate from a wide range of source addresses. Additionally, due to the session-less nature of the ICMP protocol, the source of a packet is easily spoofed making it difficult to find the source of the attack.
  • SOAP Array Blowup
    An adversary may execute an attack on a web service that uses SOAP messages in communication. By sending a very large SOAP array declaration to the web service, the attacker forces the web service to allocate space for the array elements before they are parsed by the XML parser. The attacker message is typically small in size containing a large array declaration of say 1,000,000 elements and a couple of array elements. This attack targets exhaustion of the memory resources of the web service.
  • XML Flood
    An adversary may execute a flooding attack using XML messages with the intent to deny legitimate users access to a web service. These attacks are accomplished by sending a large number of XML based requests and letting the service attempt to parse each one. In many cases this type of an attack will result in a XML Denial of Service (XDoS) due to an application becoming unstable, freezing, or crashing. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. This attack exploits the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.
  • UDP Fragmentation
    An attacker may execute a UDP Fragmentation attack against a target server in an attempt to consume resources such as bandwidth and CPU. IP fragmentation occurs when an IP datagram is larger than the MTU of the route the datagram has to traverse. Typically the attacker will use large UDP packets over 1500 bytes of data which forces fragmentation as ethernet MTU is 1500 bytes. This attack is a variation on a typical UDP flood but it enables more network bandwidth to be consumed with fewer packets. Additionally it has the potential to consume server CPU resources and fill memory buffers associated with the processing and reassembling of fragmented packets.
  • TCP Flood
    An adversary may execute a flooding attack using the TCP protocol with the intent to deny legitimate users access to a service. These attacks exploit the weakness within the TCP protocol where there is some state information for the connection the server needs to maintain.
  • Amplification
    An adversary may execute an amplification where the size of a response is far greater than that of the request that generates it. The goal of this attack is to use a relatively few resources to create a large amount of traffic against a target server. To execute this attack, an adversary send a request to a 3rd party service, spoofing the source address to be that of the target server. The larger response that is generated by the 3rd party service is then sent to the target server. By sending a large number of initial requests, the adversary can generate a tremendous amount of traffic directed at the target. The greater the discrepancy in size between the initial request and the final payload delivered to the target increased the effectiveness of this attack.
  • Excessive Allocation
    An adversary causes the target to allocate excessive resources to servicing the attackers' request, thereby reducing the resources available for legitimate services and degrading or denying services. Usually, this attack focuses on memory allocation, but any finite resource on the target could be the attacked, including bandwidth, processing cycles, or other resources. This attack does not attempt to force this allocation through a large number of requests (that would be Resource Depletion through Flooding) but instead uses one or a small number of requests that are carefully formatted to force the target to allocate excessive resources to service this request(s). Often this attack takes advantage of a bug in the target to cause the target to allocate resources vastly beyond what would be needed for a normal request.
  • UDP Flood
    An adversary may execute a flooding attack using the UDP protocol with the intent to deny legitimate users access to a service by consuming the available network bandwidth. Additionally, firewalls often open a port for each UDP connection destined for a service with an open UDP port, meaning the firewalls in essence save the connection state thus the high packet nature of a UDP flood can also overwhelm resources allocated to the firewall. UDP attacks can also target services like DNS or VoIP which utilize these protocols. Additionally, due to the session-less nature of the UDP protocol, the source of a packet is easily spoofed making it difficult to find the source of the attack.
  • XML Entity Expansion
    An attacker submits an XML document to a target application where the XML document uses nested entity expansion to produce an excessively large output XML. XML allows the definition of macro-like structures that can be used to simplify the creation of complex structures. However, this capability can be abused to create excessive demands on a processor's CPU and memory. A small number of nested expansions can result in an exponential growth in demands on memory.
  • XML Quadratic Expansion
    An adversary exploits a few properties of XML(substitution entities and inline DTDs) to cause a denial of service situation due to excessive memory being allocated to fully expand the XML. The result of this denial of service could cause the application to freeze or crash.
  • TCP Fragmentation
    An attacker may execute a TCP Fragmentation attack against a target with the intention of avoiding filtering rules. IP fragmentation occurs when an IP datagram is larger than the MTU of the route the datagram has to traverse. The attacker attempts to fragment the TCP packet such that the headers flag field is pushed into the second fragment which typically is not filtered. This behavior defeats some IPS and firewall filters who typically check the FLAGS in the header of the first packet since dropping this packet prevents the following fragments from being processed and assembled. Another variation is overlapping fragments thus that an innocuous first segment passes the filter and the second segment overwrites the TCP header data with the true payload which is malicious in nature. The malicious payload manipulated properly may lead to a DoS due to resource consumption or kernel crash. Additionally the fragmentation could be used in conjunction with sending fragments at a rate slightly slower than the timeout to cause a DoS condition by forcing resources that assemble the packet to wait an inordinate amount of time to complete the task. The fragmentation identification numbers could also be duplicated very easily as there are only 16 bits in IPv4 so only 65536 packets are needed.
  • XML Oversized Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an adversary to inject data that may have an adverse effect on the XML parser when it is being processed. By supplying oversized payloads in input vectors that will be processed by the XML parser, an adversary can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization, and potentially cause execution of arbitrary code. An adversary's goal is to leverage parser failure to his or her advantage. In many cases this type of an attack will result in a XML Denial of Service (XDoS) due to an application becoming unstable, freezing, or crashing. However it is possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.231.1]. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. This attack exploits the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.
  • Flooding
    An adversary consumes the resources of a target by rapidly engaging in a large number of interactions with the target. This type of attack generally exposes a weakness in rate limiting or flow. When successful this attack prevents legitimate users from accessing the service and can cause the target to crash. This attack differs from resource depletion through leaks or allocations in that the latter attacks do not rely on the volume of requests made to the target but instead focus on manipulation of the target's operations. The key factor in a flooding attack is the number of requests the adversary can make in a given period of time. The greater this number, the more likely an attack is to succeed against a given target.
  • XML Ping of the Death
    An attacker initiates a resource depletion attack where a large number of small XML messages are delivered at a sufficiently rapid rate to cause a denial of service or crash of the target. Transactions such as repetitive SOAP transactions can deplete resources faster than a simple flooding attack because of the additional resources used by the SOAP protocol and the resources necessary to process SOAP messages. The transactions used are immaterial as long as they cause resource utilization on the target. In other words, this is a normal flooding attack augmented by using messages that will require extra processing on the target.
  • XML Nested Payloads
    Applications often need to transform data in and out of the XML format by using an XML parser. It may be possible for an adversary to inject data that may have an adverse effect on the XML parser when it is being processed. By nesting XML data and causing this data to be continuously self-referential, an adversary can cause the XML parser to consume more resources while processing, causing excessive memory consumption and CPU utilization. An adversary's goal is to leverage parser failure to his or her advantage. In most cases this type of an attack will result in a XML Denial of Service (XDoS) due to an application becoming unstable, freezing, or crashing. However it may be possible to cause a crash resulting in arbitrary code execution, leading to a jump from the data plane to the control plane [R.230.1]. XDoS is most closely associated with web services, SOAP, and Rest, because remote service requesters can post malicious XML payloads to the service provider designed to exhaust the service provider's memory, CPU, and/or disk space. The main weakness in XDoS is that the service provider generally must inspect, parse, and validate the XML messages to determine routing, workflow, security considerations, and so on. It is exactly these inspection, parsing, and validation routines that XDoS targets. This attack exploits the loosely coupled nature of web services, where the service provider has little to no control over the service requester and any messages the service requester sends.
  • SSL Flood
    An adversary may execute a flooding attack using the SSL protocol with the intent to deny legitimate users access to a service by consuming all the available resources on the server side. These attacks take advantage of the asymmetric relationship between the processing power used by the client and the processing power used by the server to create a secure connection. In this manner the attacker can make a large number of HTTPS requests on a low provisioned machine to tie up a disproportionately large number of resources on the server. The clients then continue to keep renegotiating the SSL connection. When multiplied by a large number of attacking machines, this attack can result in a crash or loss of service to legitimate users.
  • ICMP Fragmentation
    An attacker may execute a ICMP Fragmentation attack against a target with the intention of consuming resources or causing a crash. The attacker crafts a large number of identical fragmented IP packets containing a portion of a fragmented ICMP message. The attacker these sends these messages to a target host which causes the host to become non-responsive. Another vector may be sending a fragmented ICMP message to a target host with incorrect sizes in the header which causes the host to hang.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
redhat via4
advisories
  • bugzilla
    id 1743169
    title Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode [8.0.0.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment Module go-toolset:rhel8 is enabled
        oval oval:com.redhat.rhsa:tst:20191519017
      • OR
        • AND
          • comment go-toolset is earlier than 0:1.11.13-1.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726001
          • comment go-toolset is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191519002
        • AND
          • comment golang is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726003
          • comment golang is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538002
        • AND
          • comment golang-bin is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726005
          • comment golang-bin is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538004
        • AND
          • comment golang-docs is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726007
          • comment golang-docs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538006
        • AND
          • comment golang-misc is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726009
          • comment golang-misc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538008
        • AND
          • comment golang-race is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726011
          • comment golang-race is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20191519012
        • AND
          • comment golang-src is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726013
          • comment golang-src is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538010
        • AND
          • comment golang-tests is earlier than 0:1.11.13-2.module+el8.0.1+4087+d8180914
            oval oval:com.redhat.rhsa:tst:20192726015
          • comment golang-tests is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161538012
    rhsa
    id RHSA-2019:2726
    released 2019-09-12
    severity Important
    title RHSA-2019:2726: go-toolset:rhel8 security and bug fix update (Important)
  • bugzilla
    id 1774382
    title Selinux won't allow SCTP inter pod communication [rhel-8.1.0.z]
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment Module container-tools:rhel8 is enabled
        oval oval:com.redhat.rhsa:tst:20190975043
      • OR
        • AND
          • comment buildah is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
            oval oval:com.redhat.rhsa:tst:20193403001
          • comment buildah is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975002
        • AND
          • comment buildah-debugsource is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
            oval oval:com.redhat.rhsa:tst:20193403003
          • comment buildah-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975004
        • AND
          • comment buildah-tests is earlier than 0:1.9.0-5.module+el8.1.0+4240+893c1ab8
            oval oval:com.redhat.rhsa:tst:20193403005
          • comment buildah-tests is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403006
        • AND
          • comment cockpit-podman is earlier than 0:4-1.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403007
          • comment cockpit-podman is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403008
        • AND
          • comment container-selinux is earlier than 2:2.123.0-2.module+el8.1.0+4900+9d7326b8
            oval oval:com.redhat.rhsa:tst:20194269009
          • comment container-selinux is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975006
        • AND
          • comment containernetworking-plugins is earlier than 0:0.8.1-3.module+el8.1.0+4881+045289ee
            oval oval:com.redhat.rhsa:tst:20194269011
          • comment containernetworking-plugins is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975008
        • AND
          • comment containernetworking-plugins-debugsource is earlier than 0:0.8.1-3.module+el8.1.0+4881+045289ee
            oval oval:com.redhat.rhsa:tst:20194269013
          • comment containernetworking-plugins-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975010
        • AND
          • comment containers-common is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
            oval oval:com.redhat.rhsa:tst:20194269015
          • comment containers-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975012
        • AND
          • comment fuse-overlayfs is earlier than 0:0.4.1-1.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403017
          • comment fuse-overlayfs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975014
        • AND
          • comment fuse-overlayfs-debugsource is earlier than 0:0.4.1-1.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403019
          • comment fuse-overlayfs-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975016
        • AND
          • comment oci-systemd-hook is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403021
          • comment oci-systemd-hook is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975018
        • AND
          • comment oci-systemd-hook-debugsource is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403023
          • comment oci-systemd-hook-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975020
        • AND
          • comment oci-umount is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403025
          • comment oci-umount is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975022
        • AND
          • comment oci-umount-debugsource is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403027
          • comment oci-umount-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975024
        • AND
          • comment podman is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269029
          • comment podman is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975026
        • AND
          • comment podman-debugsource is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269031
          • comment podman-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975028
        • AND
          • comment podman-docker is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269033
          • comment podman-docker is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975030
        • AND
          • comment podman-manpages is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269035
          • comment podman-manpages is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403036
        • AND
          • comment podman-remote is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269037
          • comment podman-remote is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403038
        • AND
          • comment podman-tests is earlier than 0:1.4.2-6.module+el8.1.0+4830+f49150d7
            oval oval:com.redhat.rhsa:tst:20194269039
          • comment podman-tests is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403040
        • AND
          • comment python-podman-api is earlier than 0:1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403041
          • comment python-podman-api is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403042
        • AND
          • comment runc is earlier than 0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
            oval oval:com.redhat.rhsa:tst:20194269043
          • comment runc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975032
        • AND
          • comment runc-debugsource is earlier than 0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
            oval oval:com.redhat.rhsa:tst:20194269045
          • comment runc-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975034
        • AND
          • comment skopeo is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
            oval oval:com.redhat.rhsa:tst:20194269047
          • comment skopeo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975036
        • AND
          • comment skopeo-debugsource is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
            oval oval:com.redhat.rhsa:tst:20194269049
          • comment skopeo-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975038
        • AND
          • comment skopeo-tests is earlier than 1:0.1.37-6.module+el8.1.0+4876+e678a192
            oval oval:com.redhat.rhsa:tst:20194269051
          • comment skopeo-tests is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403052
        • AND
          • comment slirp4netns is earlier than 0:0.3.0-4.module+el8.1.0+4306+1d917805
            oval oval:com.redhat.rhsa:tst:20193403053
          • comment slirp4netns is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975040
        • AND
          • comment slirp4netns-debugsource is earlier than 0:0.3.0-4.module+el8.1.0+4306+1d917805
            oval oval:com.redhat.rhsa:tst:20193403055
          • comment slirp4netns-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975042
        • AND
          • comment toolbox is earlier than 0:0.0.4-1.module+el8.1.0+4081+b29780af
            oval oval:com.redhat.rhsa:tst:20193403057
          • comment toolbox is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20193403058
    rhsa
    id RHSA-2019:4269
    released 2019-12-17
    severity Important
    title RHSA-2019:4269: container-tools:rhel8 security and bug fix update (Important)
  • bugzilla
    id 1735744
    title CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 8 is installed
        oval oval:com.redhat.rhba:tst:20193384074
      • comment Module container-tools:1.0 is enabled
        oval oval:com.redhat.rhsa:tst:20193494043
      • OR
        • AND
          • comment buildah is earlier than 0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273001
          • comment buildah is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975002
        • AND
          • comment buildah-debugsource is earlier than 0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273003
          • comment buildah-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975004
        • AND
          • comment container-selinux is earlier than 2:2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494005
          • comment container-selinux is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975006
        • AND
          • comment containernetworking-plugins is earlier than 0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273007
          • comment containernetworking-plugins is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975008
        • AND
          • comment containernetworking-plugins-debugsource is earlier than 0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273009
          • comment containernetworking-plugins-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975010
        • AND
          • comment containers-common is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
            oval oval:com.redhat.rhsa:tst:20194273011
          • comment containers-common is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975012
        • AND
          • comment fuse-overlayfs is earlier than 0:0.3-5.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494013
          • comment fuse-overlayfs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975014
        • AND
          • comment fuse-overlayfs-debugsource is earlier than 0:0.3-5.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494015
          • comment fuse-overlayfs-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975016
        • AND
          • comment oci-systemd-hook is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494017
          • comment oci-systemd-hook is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975018
        • AND
          • comment oci-systemd-hook-debugsource is earlier than 1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494019
          • comment oci-systemd-hook-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975020
        • AND
          • comment oci-umount is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494021
          • comment oci-umount is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975022
        • AND
          • comment oci-umount-debugsource is earlier than 2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
            oval oval:com.redhat.rhsa:tst:20193494023
          • comment oci-umount-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975024
        • AND
          • comment podman is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273025
          • comment podman is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975026
        • AND
          • comment podman-debugsource is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273027
          • comment podman-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975028
        • AND
          • comment podman-docker is earlier than 0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273029
          • comment podman-docker is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975030
        • AND
          • comment runc is earlier than 0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273031
          • comment runc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975032
        • AND
          • comment runc-debugsource is earlier than 0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
            oval oval:com.redhat.rhsa:tst:20194273033
          • comment runc-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975034
        • AND
          • comment skopeo is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
            oval oval:com.redhat.rhsa:tst:20194273035
          • comment skopeo is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975036
        • AND
          • comment skopeo-debugsource is earlier than 1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
            oval oval:com.redhat.rhsa:tst:20194273037
          • comment skopeo-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975038
        • AND
          • comment slirp4netns is earlier than 0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
            oval oval:com.redhat.rhsa:tst:20193494039
          • comment slirp4netns is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975040
        • AND
          • comment slirp4netns-debugsource is earlier than 0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
            oval oval:com.redhat.rhsa:tst:20193494041
          • comment slirp4netns-debugsource is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20190975042
    rhsa
    id RHSA-2019:4273
    released 2019-12-17
    severity Important
    title RHSA-2019:4273: container-tools:1.0 security update (Important)
  • rhsa
    id RHSA-2019:2594
  • rhsa
    id RHSA-2019:2661
  • rhsa
    id RHSA-2019:2682
  • rhsa
    id RHSA-2019:2690
  • rhsa
    id RHSA-2019:2766
  • rhsa
    id RHSA-2019:2769
  • rhsa
    id RHSA-2019:2796
  • rhsa
    id RHSA-2019:2861
  • rhsa
    id RHSA-2019:2925
  • rhsa
    id RHSA-2019:2939
  • rhsa
    id RHSA-2019:2955
  • rhsa
    id RHSA-2019:2966
  • rhsa
    id RHSA-2019:3131
  • rhsa
    id RHSA-2019:3245
  • rhsa
    id RHSA-2019:3265
  • rhsa
    id RHSA-2019:3892
  • rhsa
    id RHSA-2019:3906
  • rhsa
    id RHSA-2019:4018
  • rhsa
    id RHSA-2019:4019
  • rhsa
    id RHSA-2019:4020
  • rhsa
    id RHSA-2019:4021
  • rhsa
    id RHSA-2019:4040
  • rhsa
    id RHSA-2019:4041
  • rhsa
    id RHSA-2019:4042
  • rhsa
    id RHSA-2019:4045
  • rhsa
    id RHSA-2019:4352
  • rhsa
    id RHSA-2020:0406
  • rhsa
    id RHSA-2020:0727
rpms
  • apb-0:1.9.8-1.el7
  • apb-container-scripts-0:1.9.8-1.el7
  • apb-devel-0:1.9.8-1.el7
  • atomic-enterprise-service-catalog-1:3.11.153-1.git.1.e227636.el7
  • atomic-enterprise-service-catalog-svcat-1:3.11.153-1.git.1.e227636.el7
  • atomic-openshift-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-clients-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-clients-redistributable-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-cluster-autoscaler-0:3.11.153-1.git.1.bde8a94.el7
  • atomic-openshift-descheduler-0:3.11.153-1.git.1.69ca8e7.el7
  • atomic-openshift-docker-excluder-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-dockerregistry-0:3.11.153-1.git.1.74c6913.el7
  • atomic-openshift-excluder-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-hyperkube-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-hypershift-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-master-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-metrics-server-0:3.11.153-1.git.1.a8cdc59.el7
  • atomic-openshift-node-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-node-problem-detector-0:3.11.153-1.git.1.7fbf681.el7
  • atomic-openshift-pod-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-sdn-ovs-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-service-idler-0:3.11.153-1.git.1.208da50.el7
  • atomic-openshift-template-service-broker-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-tests-0:3.11.153-1.git.0.aaf3f71.el7
  • atomic-openshift-web-console-0:3.11.153-1.git.1.7b8d88b.el7
  • cri-tools-0:1.11.1-2.rhaos3.11.gitedabfb5.el7
  • cri-tools-debuginfo-0:1.11.1-2.rhaos3.11.gitedabfb5.el7
  • golang-github-openshift-oauth-proxy-0:3.11.153-1.git.1.a814e13.el7
  • jenkins-0:2.176.3.1569349414-1.el7
  • jenkins-2-plugins-0:3.11.1568994366-1.el7
  • mediawiki-0:1.27.7-1.el7
  • mediawiki-doc-0:1.27.7-1.el7
  • openshift-ansible-0:3.11.153-2.git.0.ee699b5.el7
  • openshift-ansible-docs-0:3.11.153-2.git.0.ee699b5.el7
  • openshift-ansible-playbooks-0:3.11.153-2.git.0.ee699b5.el7
  • openshift-ansible-roles-0:3.11.153-2.git.0.ee699b5.el7
  • openshift-ansible-test-0:3.11.153-2.git.0.ee699b5.el7
  • openshift-enterprise-autoheal-0:3.11.153-1.git.1.a190220.el7
  • openshift-enterprise-cluster-capacity-0:3.11.153-1.git.1.5f83714.el7
  • openshift-kuryr-cni-0:3.11.153-1.git.1.073ef06.el7
  • openshift-kuryr-common-0:3.11.153-1.git.1.073ef06.el7
  • openshift-kuryr-controller-0:3.11.153-1.git.1.073ef06.el7
  • openshift-monitor-project-lifecycle-0:3.11.51-2.git.59.7b59e29.el7
  • prometheus-0:3.11.153-1.git.1.7a486a2.el7
  • prometheus-alertmanager-0:3.11.153-1.git.1.2768abd.el7
  • prometheus-node-exporter-0:3.11.153-1.git.1.0e8ef36.el7
  • python2-kuryr-kubernetes-0:3.11.153-1.git.1.073ef06.el7
  • atomic-enterprise-service-catalog-1:4.1.14-201908290858.git.1.28cc9ff.el7
  • atomic-enterprise-service-catalog-svcat-1:4.1.14-201908290858.git.1.28cc9ff.el7
  • openshift-clients-0:4.1.14-201908290858.git.0.3bd3467.el7
  • openshift-clients-0:4.1.14-201908290858.git.0.3bd3467.el8
  • openshift-clients-redistributable-0:4.1.14-201908290858.git.0.3bd3467.el7
  • openshift-clients-redistributable-0:4.1.14-201908290858.git.0.3bd3467.el8
  • openshift-hyperkube-0:4.1.14-201908290858.git.0.3bd3467.el7
  • openshift-hyperkube-0:4.1.14-201908290858.git.0.3bd3467.el8
  • go-toolset-1.11-0:1.11.13-1.el7
  • go-toolset-1.11-build-0:1.11.13-1.el7
  • go-toolset-1.11-golang-0:1.11.13-2.el7
  • go-toolset-1.11-golang-bin-0:1.11.13-2.el7
  • go-toolset-1.11-golang-docs-0:1.11.13-2.el7
  • go-toolset-1.11-golang-misc-0:1.11.13-2.el7
  • go-toolset-1.11-golang-race-0:1.11.13-2.el7
  • go-toolset-1.11-golang-src-0:1.11.13-2.el7
  • go-toolset-1.11-golang-tests-0:1.11.13-2.el7
  • go-toolset-1.11-runtime-0:1.11.13-1.el7
  • go-toolset-1.11-scldevel-0:1.11.13-1.el7
  • atomic-openshift-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-clients-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-clients-redistributable-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-docker-excluder-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-excluder-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-hyperkube-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-hypershift-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-master-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-node-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-pod-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-sdn-ovs-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-template-service-broker-0:3.10.170-1.git.0.8e592d6.el7
  • atomic-openshift-tests-0:3.10.170-1.git.0.8e592d6.el7
  • go-toolset-0:1.11.13-1.module+el8.0.1+4087+d8180914
  • golang-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-bin-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-docs-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-misc-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-race-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-src-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • golang-tests-0:1.11.13-2.module+el8.0.1+4087+d8180914
  • ansible-service-broker-0:1.1.20-2.el7
  • ansible-service-broker-container-scripts-0:1.1.20-2.el7
  • ansible-service-broker-selinux-0:1.1.20-2.el7
  • atomic-openshift-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-clients-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-clients-redistributable-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-cluster-capacity-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-descheduler-0:3.9.13-2.git.267.bb59a3f.el7
  • atomic-openshift-docker-excluder-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-dockerregistry-0:3.9.101-1.git.1.13625cf.el7
  • atomic-openshift-excluder-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-federation-services-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-master-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-node-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-node-problem-detector-0:3.9.13-2.git.167.5d6b0d4.el7
  • atomic-openshift-pod-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-sdn-ovs-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-service-catalog-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-template-service-broker-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-tests-0:3.9.101-1.git.0.150f595.el7
  • atomic-openshift-web-console-0:3.9.101-1.git.1.601c6d2.el7
  • cockpit-debuginfo-0:195-2.rhaos.el7
  • cockpit-kubernetes-0:195-2.rhaos.el7
  • containernetworking-plugins-0:0.5.2-6.el7
  • containernetworking-plugins-debuginfo-0:0.5.2-6.el7
  • cri-o-0:1.9.16-3.git858756d.el7
  • cri-o-debuginfo-0:1.9.16-3.git858756d.el7
  • cri-tools-0:1.0.0-6.rhaos3.9.git8e6013a.el7
  • cri-tools-debuginfo-0:1.0.0-6.rhaos3.9.git8e6013a.el7
  • golang-github-openshift-oauth-proxy-0:2.1-3.git885c9f40.el7
  • golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
  • golang-github-prometheus-promu-0:0-5.git85ceabc.el7
  • hawkular-openshift-agent-0:1.2.2-3.el7
  • heapster-0:1.3.0-4.el7
  • image-inspector-0:2.1.3-2.el7
  • openshift-enterprise-image-registry-0:3.8.0-2.git.216.b6b90bb.el7
  • openshift-eventrouter-0:0.1-3.git5bd9251.el7
  • openshift-eventrouter-debuginfo-0:0.1-3.git5bd9251.el7
  • openshift-external-storage-debuginfo-0:0.0.1-9.git78d6339.el7
  • openshift-external-storage-efs-provisioner-0:0.0.1-9.git78d6339.el7
  • openshift-external-storage-local-provisioner-0:0.0.1-9.git78d6339.el7
  • openshift-external-storage-snapshot-controller-0:0.0.1-9.git78d6339.el7
  • openshift-external-storage-snapshot-provisioner-0:0.0.1-9.git78d6339.el7
  • openvswitch-ovn-kubernetes-0:0.1.0-3.el7
  • prometheus-0:2.2.1-2.gitbc6058c.el7
  • prometheus-alertmanager-0:0.14.0-2.git30af4d0.el7
  • prometheus-node-exporter-0:3.9.101-1.git.1.8295224.el7
  • prometheus-promu-0:0-5.git85ceabc.el7
  • skydive-0:0.20.5-2.el7ost
  • skydive-agent-0:0.20.5-2.el7ost
  • skydive-analyzer-0:0.20.5-2.el7ost
  • skydive-ansible-0:0.20.5-2.el7ost
  • skydive-debuginfo-0:0.20.5-2.el7ost
  • skydive-selinux-0:0.20.5-2.el7ost
  • cri-o-0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
  • cri-o-debuginfo-0:1.11.16-0.2.dev.rhaos3.11.git3f89eba.el7
  • nodejs-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-debuginfo-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-debugsource-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-devel-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-devel-debuginfo-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-docs-1:10.16.3-2.module+el8.0.0+4214+49953fda
  • nodejs-nodemon-0:1.18.3-1.module+el8+2632+6c5111ed
  • nodejs-packaging-0:17-3.module+el8+2873+aa7dfd9a
  • npm-1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • rh-nodejs10-0:3.2-3.el7
  • rh-nodejs10-nodejs-0:10.16.3-3.el7
  • rh-nodejs10-nodejs-debuginfo-0:10.16.3-3.el7
  • rh-nodejs10-nodejs-devel-0:10.16.3-3.el7
  • rh-nodejs10-nodejs-docs-0:10.16.3-3.el7
  • rh-nodejs10-npm-0:6.9.0-10.16.3.3.el7
  • rh-nodejs10-runtime-0:3.2-3.el7
  • rh-nodejs10-scldevel-0:3.2-3.el7
  • rh-nodejs8-0:3.0-5.el7
  • rh-nodejs8-nodejs-0:8.16.1-2.el7
  • rh-nodejs8-nodejs-debuginfo-0:8.16.1-2.el7
  • rh-nodejs8-nodejs-devel-0:8.16.1-2.el7
  • rh-nodejs8-nodejs-docs-0:8.16.1-2.el7
  • rh-nodejs8-npm-0:6.4.1-8.16.1.2.el7
  • rh-nodejs8-runtime-0:3.0-5.el7
  • rh-nodejs8-scldevel-0:3.0-5.el7
  • cri-o-0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
  • cri-o-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
  • cri-o-debuginfo-0:1.13.11-0.10.dev.rhaos4.1.gitbdeb2ca.el7
  • cri-o-debuginfo-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
  • cri-o-debugsource-0:1.13.11-0.13.dev.rhaos4.1.gitbdeb2ca.el8
  • cri-tools-0:1.13.0-2.rhaos4.1.gitc06001f.el7
  • cri-tools-0:1.13.0-3.rhaos4.1.gitb69a0b9.el8
  • cri-tools-debuginfo-0:1.13.0-2.rhaos4.1.gitc06001f.el7
  • faq-0:0.0.6-4.el7
  • faq-debuginfo-0:0.0.6-4.el7
  • ignition-0:0.32.0-2.git5941fc0.el8
  • ignition-debuginfo-0:0.32.0-2.git5941fc0.el8
  • ignition-debugsource-0:0.32.0-2.git5941fc0.el8
  • ignition-validate-0:0.32.0-2.git5941fc0.el8
  • ignition-validate-debuginfo-0:0.32.0-2.git5941fc0.el8
  • openshift-external-storage-cephfs-provisioner-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-debuginfo-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-efs-provisioner-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-local-provisioner-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-manila-provisioner-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-snapshot-controller-0:0.0.2-7.gitd3c94f0.el7
  • openshift-external-storage-snapshot-provisioner-0:0.0.2-7.gitd3c94f0.el7
  • pivot-0:0.0.5-2.el8
  • apb-0:2.0.3-2.el7
  • apb-container-scripts-0:2.0.3-2.el7
  • apb-devel-0:2.0.3-2.el7
  • containernetworking-plugins-0:0.8.1-4.el7
  • containernetworking-plugins-debuginfo-0:0.8.1-4.el7
  • golang-github-prometheus-promu-0:0.5.0-2.git642a960.el7
  • prometheus-promu-0:0.5.0-2.git642a960.el7
  • ansible-operator-0:0.0.1-3.git.59.4beb3d2.el7
  • ansible-operator-container-scripts-0:0.0.1-3.git.59.4beb3d2.el7
  • ansible-operator-devel-0:0.0.1-3.git.59.4beb3d2.el7
  • apb-0:2.0.3-2.el7
  • apb-container-scripts-0:2.0.3-2.el7
  • apb-devel-0:2.0.3-2.el7
  • containernetworking-plugins-0:0.8.1-4.el7
  • containernetworking-plugins-debuginfo-0:0.8.1-4.el7
  • golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
  • golang-github-prometheus-promu-0:0-5.git85ceabc.el7
  • openshift-eventrouter-0:0.2-3.gited73fb6.el7
  • openshift-eventrouter-debuginfo-0:0.2-3.gited73fb6.el7
  • prometheus-promu-0:0-5.git85ceabc.el7
  • atomic-enterprise-service-catalog-1:3.11.154-1.git.1.fa68ced.el7
  • atomic-enterprise-service-catalog-svcat-1:3.11.154-1.git.1.fa68ced.el7
  • atomic-openshift-cluster-autoscaler-0:3.11.154-1.git.1.532da7a.el7
  • atomic-openshift-descheduler-0:3.11.154-1.git.1.1d31032.el7
  • atomic-openshift-metrics-server-0:3.11.154-1.git.1.6a6b6ce.el7
  • atomic-openshift-node-problem-detector-0:3.11.154-1.git.1.5e8e065.el7
  • atomic-openshift-service-idler-0:3.11.154-1.git.1.f80fb86.el7
  • atomic-openshift-web-console-0:3.11.154-1.git.1.f54cb18.el7
  • cockpit-debuginfo-0:195-2.rhaos.el7
  • cockpit-kubernetes-0:195-2.rhaos.el7
  • csi-attacher-0:0.2.0-4.git27299be.el7
  • csi-attacher-debuginfo-0:0.2.0-4.git27299be.el7
  • csi-driver-registrar-0:0.2.0-2.el7
  • csi-driver-registrar-debuginfo-0:0.2.0-2.el7
  • csi-livenessprobe-0:0.0.1-2.gitff5b6a0.el7
  • csi-livenessprobe-debuginfo-0:0.0.1-2.gitff5b6a0.el7
  • csi-provisioner-0:0.2.0-3.el7
  • csi-provisioner-debuginfo-0:0.2.0-3.el7
  • golang-github-openshift-oauth-proxy-0:3.11.154-1.git.1.220e3dc.el7
  • golang-github-openshift-prometheus-alert-buffer-0:0-3.gitceca8c1.el7
  • hawkular-openshift-agent-0:1.2.2-3.el7
  • heapster-0:1.3.0-4.el7
  • image-inspector-0:2.4.0-4.el7
  • openshift-enterprise-autoheal-0:3.11.154-1.git.1.13199be.el7
  • openshift-enterprise-cluster-capacity-0:3.11.154-1.git.1.5798c2c.el7
  • openshift-eventrouter-0:0.2-4.git7c289cc.el7
  • openshift-eventrouter-debuginfo-0:0.2-4.git7c289cc.el7
  • openshift-external-storage-cephfs-provisioner-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-debuginfo-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-efs-provisioner-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-local-provisioner-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-manila-provisioner-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-snapshot-controller-0:0.0.2-9.gitd3c94f0.el7
  • openshift-external-storage-snapshot-provisioner-0:0.0.2-9.gitd3c94f0.el7
  • prometheus-0:3.11.154-1.git.1.148db48.el7
  • prometheus-alertmanager-0:3.11.154-1.git.1.4acd2e6.el7
  • prometheus-node-exporter-0:3.11.154-1.git.1.bc9f224.el7
  • eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el6eap
  • eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el6eap
  • eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el6eap
  • eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el6eap
  • eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el6eap
  • eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el6eap
  • eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el6eap
  • eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el6eap
  • eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el6eap
  • eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el6eap
  • eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el6eap
  • eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el6eap
  • eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el6eap
  • eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el6eap
  • eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el6eap
  • eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el6eap
  • eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el6eap
  • eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el6eap
  • eap7-yasson-0:1.0.5-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el7eap
  • eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el7eap
  • eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el7eap
  • eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el7eap
  • eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el7eap
  • eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el7eap
  • eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el7eap
  • eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el7eap
  • eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el7eap
  • eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el7eap
  • eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el7eap
  • eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el7eap
  • eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el7eap
  • eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el7eap
  • eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-java-jdk11-0:7.2.5-4.GA_redhat_00002.1.el7eap
  • eap7-wildfly-java-jdk8-0:7.2.5-4.GA_redhat_00002.1.el7eap
  • eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el7eap
  • eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el7eap
  • eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el7eap
  • eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el7eap
  • eap7-yasson-0:1.0.5-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-0:3.2.10-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-rt-0:3.2.10-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-services-0:3.2.10-1.redhat_00001.1.el8eap
  • eap7-apache-cxf-tools-0:3.2.10-1.redhat_00001.1.el8eap
  • eap7-byte-buddy-0:1.9.11-1.redhat_00002.1.el8eap
  • eap7-glassfish-jsf-0:2.3.5-5.SP3_redhat_00003.1.el8eap
  • eap7-hal-console-0:3.0.17-2.Final_redhat_00001.1.el8eap
  • eap7-hibernate-0:5.3.13-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-core-0:5.3.13-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-entitymanager-0:5.3.13-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-envers-0:5.3.13-1.Final_redhat_00001.1.el8eap
  • eap7-hibernate-java8-0:5.3.13-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-common-api-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-common-impl-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-common-spi-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-core-api-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-core-impl-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-deployers-common-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-jdbc-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-ironjacamar-validator-0:1.4.18-1.Final_redhat_00001.1.el8eap
  • eap7-jboss-genericjms-0:2.0.2-1.Final_redhat_00001.1.el8eap
  • eap7-jboss-msc-0:1.4.11-1.Final_redhat_00001.1.el8eap
  • eap7-jboss-remoting-0:5.0.16-2.Final_redhat_00001.1.el8eap
  • eap7-jboss-server-migration-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-cli-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-core-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly14.0-server-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.1-6.Final_redhat_00006.1.el8eap
  • eap7-jboss-xnio-base-0:3.7.6-2.SP1_redhat_00001.1.el8eap
  • eap7-picketbox-0:5.0.3-6.Final_redhat_00005.1.el8eap
  • eap7-picketbox-infinispan-0:5.0.3-6.Final_redhat_00005.1.el8eap
  • eap7-picketlink-api-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-bindings-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-common-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-config-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-federation-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-idm-api-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-idm-impl-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-idm-simple-schema-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-impl-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-picketlink-wildfly8-0:2.5.5-20.SP12_redhat_00009.1.el8eap
  • eap7-resteasy-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-atom-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-cdi-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-client-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-client-microprofile-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-crypto-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jackson-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jackson2-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jaxb-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jaxrs-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jettison-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jose-jwt-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-jsapi-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-json-binding-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-json-p-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-multipart-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-rxjava2-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-spring-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-validator-provider-11-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-resteasy-yaml-provider-0:3.6.1-7.SP7_redhat_00001.1.el8eap
  • eap7-undertow-0:2.0.26-2.SP3_redhat_00001.1.el8eap
  • eap7-wildfly-0:7.2.5-4.GA_redhat_00002.1.el8eap
  • eap7-wildfly-elytron-0:1.6.5-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-elytron-tool-0:1.4.4-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-client-common-0:1.0.17-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-ejb-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-naming-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-http-transaction-client-0:1.0.17-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-javadocs-0:7.2.5-4.GA_redhat_00002.1.el8eap
  • eap7-wildfly-modules-0:7.2.5-4.GA_redhat_00002.1.el8eap
  • eap7-wildfly-openssl-0:1.0.8-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-openssl-java-0:1.0.8-1.Final_redhat_00001.1.el8eap
  • eap7-wildfly-openssl-linux-x86_64-0:1.0.8-5.Final_redhat_00001.1.el8eap
  • eap7-wildfly-openssl-linux-x86_64-debuginfo-0:1.0.8-5.Final_redhat_00001.1.el8eap
  • eap7-yasson-0:1.0.5-1.redhat_00001.1.el8eap
  • rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el6sso
  • rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el6sso
  • rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el7sso
  • rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el7sso
  • rh-sso7-keycloak-0:4.8.15-1.Final_redhat_00001.1.el8sso
  • rh-sso7-keycloak-server-0:4.8.15-1.Final_redhat_00001.1.el8sso
  • buildah-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
  • buildah-debuginfo-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
  • buildah-debugsource-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
  • buildah-tests-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
  • buildah-tests-debuginfo-0:1.9.0-5.module+el8.1.0+4240+893c1ab8
  • cockpit-podman-0:4-1.module+el8.1.0+4081+b29780af
  • container-selinux-2:2.123.0-2.module+el8.1.0+4900+9d7326b8
  • containernetworking-plugins-0:0.8.1-3.module+el8.1.0+4881+045289ee
  • containernetworking-plugins-debuginfo-0:0.8.1-3.module+el8.1.0+4881+045289ee
  • containernetworking-plugins-debugsource-0:0.8.1-3.module+el8.1.0+4881+045289ee
  • containers-common-1:0.1.37-6.module+el8.1.0+4876+e678a192
  • fuse-overlayfs-0:0.4.1-1.module+el8.1.0+4081+b29780af
  • fuse-overlayfs-debuginfo-0:0.4.1-1.module+el8.1.0+4081+b29780af
  • fuse-overlayfs-debugsource-0:0.4.1-1.module+el8.1.0+4081+b29780af
  • oci-systemd-hook-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
  • oci-systemd-hook-debuginfo-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
  • oci-systemd-hook-debugsource-1:0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af
  • oci-umount-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
  • oci-umount-debuginfo-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
  • oci-umount-debugsource-2:2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af
  • podman-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-debuginfo-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-debugsource-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-docker-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-manpages-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-remote-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-remote-debuginfo-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • podman-tests-0:1.4.2-6.module+el8.1.0+4830+f49150d7
  • python-podman-api-0:1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af
  • runc-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
  • runc-debuginfo-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
  • runc-debugsource-0:1.0.0-61.rc8.module+el8.1.0+4873+4a24e241
  • skopeo-1:0.1.37-6.module+el8.1.0+4876+e678a192
  • skopeo-debuginfo-1:0.1.37-6.module+el8.1.0+4876+e678a192
  • skopeo-debugsource-1:0.1.37-6.module+el8.1.0+4876+e678a192
  • skopeo-tests-1:0.1.37-6.module+el8.1.0+4876+e678a192
  • slirp4netns-0:0.3.0-4.module+el8.1.0+4306+1d917805
  • slirp4netns-debuginfo-0:0.3.0-4.module+el8.1.0+4306+1d917805
  • slirp4netns-debugsource-0:0.3.0-4.module+el8.1.0+4306+1d917805
  • toolbox-0:0.0.4-1.module+el8.1.0+4081+b29780af
  • buildah-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
  • buildah-debuginfo-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
  • buildah-debugsource-0:1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef
  • container-selinux-2:2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0
  • containernetworking-plugins-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
  • containernetworking-plugins-debuginfo-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
  • containernetworking-plugins-debugsource-0:0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef
  • containers-common-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
  • fuse-overlayfs-0:0.3-5.module+el8.1.0+3468+011f0ab0
  • fuse-overlayfs-debuginfo-0:0.3-5.module+el8.1.0+3468+011f0ab0
  • fuse-overlayfs-debugsource-0:0.3-5.module+el8.1.0+3468+011f0ab0
  • oci-systemd-hook-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
  • oci-systemd-hook-debuginfo-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
  • oci-systemd-hook-debugsource-1:0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0
  • oci-umount-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
  • oci-umount-debuginfo-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
  • oci-umount-debugsource-2:2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0
  • podman-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
  • podman-debuginfo-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
  • podman-debugsource-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
  • podman-docker-0:1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef
  • runc-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
  • runc-debuginfo-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
  • runc-debugsource-0:1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef
  • skopeo-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
  • skopeo-debuginfo-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
  • skopeo-debugsource-1:0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c
  • slirp4netns-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
  • slirp4netns-debuginfo-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
  • slirp4netns-debugsource-0:0.1-3.dev.gitc4e1bc5.module+el8.1.0+4308+9d868e48
  • containernetworking-plugins-0:0.8.1-4.el7_7
  • containernetworking-plugins-debuginfo-0:0.8.1-4.el7_7
refmap via4
bugtraq
  • 20190814 APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0
  • 20190819 [SECURITY] [DSA 4503-1] golang-1.11 security update
  • 20190825 [SECURITY] [DSA 4508-1] h2o security update
  • 20190910 [SECURITY] [DSA 4520-1] trafficserver security update
cert-vn VU#605641
confirm
debian
  • DSA-4503
  • DSA-4508
  • DSA-4520
  • DSA-4669
fedora
  • FEDORA-2019-55d101a740
  • FEDORA-2019-5a6a7bc12c
  • FEDORA-2019-65db7ad6c7
  • FEDORA-2019-6a2980de56
fulldisc 20190816 APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0
misc https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
mlist
  • [oss-security] 20190819 [ANNOUNCE] Security release of Kubernetes v1.15.3, v1.14.6, v1.13.10 - CVE-2019-9512 and CVE-2019-9514
  • [trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks
  • [trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks
  • [trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks
suse
  • openSUSE-SU-2019:2000
  • openSUSE-SU-2019:2056
  • openSUSE-SU-2019:2072
  • openSUSE-SU-2019:2085
  • openSUSE-SU-2019:2114
  • openSUSE-SU-2019:2115
  • openSUSE-SU-2019:2130
ubuntu USN-4308-1
Last major update 09-12-2020 - 00:15
Published 13-08-2019 - 21:15
Last modified 09-12-2020 - 00:15
Back to Top