ID CVE-2015-7501
Summary Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 15-07-2020 - 03:15)
Impact:
Exploitability:
CWE CWE-502
CAPEC
  • Object Injection
    An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • bugzilla
    id 1279330
    title CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment jakarta-commons-collections is earlier than 0:3.2.1-3.5.el6_7
            oval oval:com.redhat.rhsa:tst:20152521001
          • comment jakarta-commons-collections is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152521002
        • AND
          • comment jakarta-commons-collections-javadoc is earlier than 0:3.2.1-3.5.el6_7
            oval oval:com.redhat.rhsa:tst:20152521003
          • comment jakarta-commons-collections-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152521004
        • AND
          • comment jakarta-commons-collections-testframework is earlier than 0:3.2.1-3.5.el6_7
            oval oval:com.redhat.rhsa:tst:20152521005
          • comment jakarta-commons-collections-testframework is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152521006
        • AND
          • comment jakarta-commons-collections-testframework-javadoc is earlier than 0:3.2.1-3.5.el6_7
            oval oval:com.redhat.rhsa:tst:20152521007
          • comment jakarta-commons-collections-testframework-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152521008
        • AND
          • comment jakarta-commons-collections-tomcat5 is earlier than 0:3.2.1-3.5.el6_7
            oval oval:com.redhat.rhsa:tst:20152521009
          • comment jakarta-commons-collections-tomcat5 is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152521010
    rhsa
    id RHSA-2015:2521
    released 2015-11-30
    severity Important
    title RHSA-2015:2521: jakarta-commons-collections security update (Important)
  • bugzilla
    id 1279330
    title CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment apache-commons-collections is earlier than 0:3.2.1-22.el7_2
            oval oval:com.redhat.rhsa:tst:20152522001
          • comment apache-commons-collections is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152522002
        • AND
          • comment apache-commons-collections-javadoc is earlier than 0:3.2.1-22.el7_2
            oval oval:com.redhat.rhsa:tst:20152522003
          • comment apache-commons-collections-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152522004
        • AND
          • comment apache-commons-collections-testframework is earlier than 0:3.2.1-22.el7_2
            oval oval:com.redhat.rhsa:tst:20152522005
          • comment apache-commons-collections-testframework is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152522006
        • AND
          • comment apache-commons-collections-testframework-javadoc is earlier than 0:3.2.1-22.el7_2
            oval oval:com.redhat.rhsa:tst:20152522007
          • comment apache-commons-collections-testframework-javadoc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20152522008
    rhsa
    id RHSA-2015:2522
    released 2015-11-30
    severity Important
    title RHSA-2015:2522: apache-commons-collections security update (Important)
  • bugzilla
    id 1279330
    title CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment jakarta-commons-collections is earlier than 0:3.2-2jpp.4
            oval oval:com.redhat.rhsa:tst:20152671001
          • comment jakarta-commons-collections is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20152671002
        • AND
          • comment jakarta-commons-collections-javadoc is earlier than 0:3.2-2jpp.4
            oval oval:com.redhat.rhsa:tst:20152671003
          • comment jakarta-commons-collections-javadoc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20152671004
        • AND
          • comment jakarta-commons-collections-testframework is earlier than 0:3.2-2jpp.4
            oval oval:com.redhat.rhsa:tst:20152671005
          • comment jakarta-commons-collections-testframework is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20152671006
        • AND
          • comment jakarta-commons-collections-testframework-javadoc is earlier than 0:3.2-2jpp.4
            oval oval:com.redhat.rhsa:tst:20152671007
          • comment jakarta-commons-collections-testframework-javadoc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20152671008
        • AND
          • comment jakarta-commons-collections-tomcat5 is earlier than 0:3.2-2jpp.4
            oval oval:com.redhat.rhsa:tst:20152671009
          • comment jakarta-commons-collections-tomcat5 is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20152671010
    rhsa
    id RHSA-2015:2671
    released 2015-12-21
    severity Important
    title RHSA-2015:2671: jakarta-commons-collections security update (Important)
  • rhsa
    id RHSA-2015:2500
  • rhsa
    id RHSA-2015:2501
  • rhsa
    id RHSA-2015:2502
  • rhsa
    id RHSA-2015:2514
  • rhsa
    id RHSA-2015:2516
  • rhsa
    id RHSA-2015:2517
  • rhsa
    id RHSA-2015:2524
  • rhsa
    id RHSA-2015:2536
  • rhsa
    id RHSA-2015:2670
  • rhsa
    id RHSA-2016:0040
  • rhsa
    id RHSA-2016:1773
rpms
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el5
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el6
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el7
  • jakarta-commons-collections-0:3.2.1-3.5.el6_7
  • jakarta-commons-collections-javadoc-0:3.2.1-3.5.el6_7
  • jakarta-commons-collections-testframework-0:3.2.1-3.5.el6_7
  • jakarta-commons-collections-testframework-javadoc-0:3.2.1-3.5.el6_7
  • jakarta-commons-collections-tomcat5-0:3.2.1-3.5.el6_7
  • apache-commons-collections-0:3.2.1-22.el7_2
  • apache-commons-collections-javadoc-0:3.2.1-22.el7_2
  • apache-commons-collections-testframework-0:3.2.1-22.el7_2
  • apache-commons-collections-testframework-javadoc-0:3.2.1-22.el7_2
  • rh-java-common-apache-commons-collections-0:3.2.1-21.13.el6
  • rh-java-common-apache-commons-collections-0:3.2.1-21.13.el7
  • rh-java-common-apache-commons-collections-javadoc-0:3.2.1-21.13.el6
  • rh-java-common-apache-commons-collections-javadoc-0:3.2.1-21.13.el7
  • rh-java-common-apache-commons-collections-testframework-0:3.2.1-21.13.el6
  • rh-java-common-apache-commons-collections-testframework-0:3.2.1-21.13.el7
  • rh-java-common-apache-commons-collections-testframework-javadoc-0:3.2.1-21.13.el6
  • rh-java-common-apache-commons-collections-testframework-javadoc-0:3.2.1-21.13.el7
  • jakarta-commons-collections-0:3.2.1-5.ep5.el4
  • jakarta-commons-collections-0:3.2.1-5.ep5.el5
  • jakarta-commons-collections-0:3.2.1-5.ep5.el6
  • jakarta-commons-collections-tomcat5-0:3.2.1-5.ep5.el4
  • jakarta-commons-collections-tomcat5-0:3.2.1-5.ep5.el5
  • jakarta-commons-collections-tomcat5-0:3.2.1-5.ep5.el6
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el5
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el6
  • apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el7
  • apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el5
  • hibernate4-core-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el5
  • hibernate4-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el5
  • hibernate4-entitymanager-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el5
  • hibernate4-envers-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el5
  • hibernate4-infinispan-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el5
  • hornetq-0:2.3.25-7.SP6_redhat_1.1.ep6.el5
  • ironjacamar-common-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-common-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-common-spi-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-core-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-core-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-deployers-common-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-jdbc-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-spec-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • ironjacamar-validator-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el5
  • jboss-as-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-cli-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-client-all-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-clustering-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-cmp-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-connector-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-console-0:2.5.11-1.Final_redhat_1.1.ep6.el5
  • jboss-as-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-controller-client-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-core-security-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-deployment-repository-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-deployment-scanner-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-domain-http-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-domain-management-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-ee-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-ee-deployment-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-ejb3-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-embedded-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-host-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jacorb-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jaxr-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jaxrs-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jdr-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jpa-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jsf-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-jsr77-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-logging-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-mail-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-management-client-content-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-messaging-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-modcluster-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-naming-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-network-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-osgi-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-osgi-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-osgi-service-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-picketlink-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-platform-mbean-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-pojo-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-process-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-protocol-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-remoting-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-sar-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-security-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-server-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-system-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-threads-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-transactions-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-version-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-web-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-webservices-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-weld-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-as-xts-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jboss-ejb-client-0:1.0.32-1.Final_redhat_1.1.ep6.el5
  • jboss-hal-0:2.5.11-1.Final_redhat_1.1.ep6.el5
  • jboss-jsf-api_2.1_spec-0:2.1.28-5.SP1_redhat_1.1.ep6.el5
  • jboss-remoting3-0:3.3.6-1.Final_redhat_1.1.ep6.el5
  • jboss-security-negotiation-0:2.3.10-1.Final_redhat_1.1.ep6.el5
  • jboss-xnio-base-0:3.0.15-1.GA_redhat_1.1.ep6.el5
  • jbossas-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-bundles-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-core-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-domain-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-javadocs-0:7.5.5-3.Final_redhat_3.1.ep6.el5
  • jbossas-modules-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-product-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-standalone-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossas-welcome-content-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el5
  • jbossweb-0:7.5.12-1.Final_redhat_1.1.ep6.el5
  • picketbox-0:4.1.2-1.Final_redhat_1.1.ep6.el5
  • apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el6
  • hibernate4-core-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el6
  • hibernate4-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el6
  • hibernate4-entitymanager-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el6
  • hibernate4-envers-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el6
  • hibernate4-infinispan-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el6
  • hornetq-0:2.3.25-7.SP6_redhat_1.1.ep6.el6
  • ironjacamar-common-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-common-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-common-spi-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-core-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-core-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-deployers-common-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-jdbc-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-spec-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • ironjacamar-validator-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el6
  • jboss-as-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-cli-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-client-all-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-clustering-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-cmp-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-connector-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-console-0:2.5.11-1.Final_redhat_1.1.ep6.el6
  • jboss-as-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-controller-client-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-core-security-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-deployment-repository-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-deployment-scanner-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-domain-http-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-domain-management-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-ee-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-ee-deployment-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-ejb3-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-embedded-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-host-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jacorb-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jaxr-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jaxrs-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jdr-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jpa-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jsf-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-jsr77-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-logging-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-mail-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-management-client-content-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-messaging-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-modcluster-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-naming-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-network-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-osgi-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-osgi-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-osgi-service-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-picketlink-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-platform-mbean-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-pojo-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-process-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-protocol-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-remoting-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-sar-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-security-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-server-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-system-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-threads-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-transactions-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-version-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-web-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-webservices-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-weld-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-as-xts-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jboss-ejb-client-0:1.0.32-1.Final_redhat_1.1.ep6.el6
  • jboss-hal-0:2.5.11-1.Final_redhat_1.1.ep6.el6
  • jboss-jsf-api_2.1_spec-0:2.1.28-5.SP1_redhat_1.1.ep6.el6
  • jboss-remoting3-0:3.3.6-1.Final_redhat_1.1.ep6.el6
  • jboss-security-negotiation-0:2.3.10-1.Final_redhat_1.1.ep6.el6
  • jboss-xnio-base-0:3.0.15-1.GA_redhat_1.1.ep6.el6
  • jbossas-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-bundles-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-core-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-domain-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-javadocs-0:7.5.5-3.Final_redhat_3.1.ep6.el6
  • jbossas-modules-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-product-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-standalone-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossas-welcome-content-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el6
  • jbossweb-0:7.5.12-1.Final_redhat_1.1.ep6.el6
  • picketbox-0:4.1.2-1.Final_redhat_1.1.ep6.el6
  • apache-commons-collections-eap6-0:3.2.1-18.redhat_7.1.ep6.el7
  • hibernate4-core-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el7
  • hibernate4-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el7
  • hibernate4-entitymanager-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el7
  • hibernate4-envers-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el7
  • hibernate4-infinispan-eap6-0:4.2.21-1.Final_redhat_1.1.ep6.el7
  • hornetq-0:2.3.25-7.SP6_redhat_1.1.ep6.el7
  • ironjacamar-common-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-common-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-common-spi-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-core-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-core-impl-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-deployers-common-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-jdbc-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-spec-api-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • ironjacamar-validator-eap6-0:1.0.34-1.Final_redhat_1.1.ep6.el7
  • jboss-as-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-cli-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-client-all-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-clustering-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-cmp-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-connector-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-console-0:2.5.11-1.Final_redhat_1.1.ep6.el7
  • jboss-as-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-controller-client-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-core-security-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-deployment-repository-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-deployment-scanner-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-domain-http-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-domain-management-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-ee-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-ee-deployment-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-ejb3-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-embedded-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-host-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jacorb-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jaxr-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jaxrs-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jdr-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jpa-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jsf-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-jsr77-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-logging-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-mail-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-management-client-content-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-messaging-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-modcluster-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-naming-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-network-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-osgi-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-osgi-configadmin-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-osgi-service-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-picketlink-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-platform-mbean-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-pojo-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-process-controller-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-protocol-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-remoting-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-sar-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-security-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-server-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-system-jmx-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-threads-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-transactions-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-version-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-web-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-webservices-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-weld-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-as-xts-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jboss-ejb-client-0:1.0.32-1.Final_redhat_1.1.ep6.el7
  • jboss-hal-0:2.5.11-1.Final_redhat_1.1.ep6.el7
  • jboss-jsf-api_2.1_spec-0:2.1.28-5.SP1_redhat_1.1.ep6.el7
  • jboss-remoting3-0:3.3.6-1.Final_redhat_1.1.ep6.el7
  • jboss-security-negotiation-0:2.3.10-1.Final_redhat_1.1.ep6.el7
  • jboss-xnio-base-0:3.0.15-1.GA_redhat_1.1.ep6.el7
  • jbossas-appclient-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-bundles-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-core-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-domain-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-javadocs-0:7.5.5-3.Final_redhat_3.1.ep6.el7
  • jbossas-modules-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-product-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-standalone-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossas-welcome-content-eap-0:7.5.5-2.Final_redhat_3.1.ep6.el7
  • jbossweb-0:7.5.12-1.Final_redhat_1.1.ep6.el7
  • picketbox-0:4.1.2-1.Final_redhat_1.1.ep6.el7
  • jboss-ec2-eap-0:7.5.5-3.Final_redhat_3.ep6.el6
  • jboss-ec2-eap-samples-0:7.5.5-3.Final_redhat_3.ep6.el6
  • jakarta-commons-collections-0:3.2-2jpp.4
  • jakarta-commons-collections-debuginfo-0:3.2-2jpp.4
  • jakarta-commons-collections-javadoc-0:3.2-2jpp.4
  • jakarta-commons-collections-testframework-0:3.2-2jpp.4
  • jakarta-commons-collections-testframework-javadoc-0:3.2-2jpp.4
  • jakarta-commons-collections-tomcat5-0:3.2-2jpp.4
  • ImageMagick-debuginfo-0:6.7.2.7-5.el6_8
  • ImageMagick-devel-0:6.7.2.7-5.el6_8
  • ImageMagick-doc-0:6.7.2.7-5.el6_8
  • ImageMagick-perl-0:6.7.2.7-5.el6_8
  • activemq-0:5.9.0-6.redhat.611463.el6op
  • activemq-client-0:5.9.0-6.redhat.611463.el6op
  • jenkins-0:1.651.2-1.el6op
  • libcgroup-debuginfo-0:0.40.rc1-18.el6_8
  • libcgroup-pam-0:0.40.rc1-18.el6_8
  • openshift-origin-broker-0:1.16.3.2-1.el6op
  • openshift-origin-broker-util-0:1.37.6.2-1.el6op
  • openshift-origin-cartridge-cron-0:1.25.4.2-1.el6op
  • openshift-origin-cartridge-diy-0:1.26.2.2-1.el6op
  • openshift-origin-cartridge-haproxy-0:1.31.6.2-1.el6op
  • openshift-origin-cartridge-jbosseap-0:2.27.4.2-1.el6op
  • openshift-origin-cartridge-jbossews-0:1.35.5.2-1.el6op
  • openshift-origin-cartridge-jenkins-0:1.29.2.2-1.el6op
  • openshift-origin-cartridge-jenkins-client-0:1.26.1.1-1.el6op
  • openshift-origin-cartridge-mongodb-0:1.26.2.2-1.el6op
  • openshift-origin-cartridge-mysql-0:1.31.3.3-1.el6op
  • openshift-origin-cartridge-nodejs-0:1.33.1.2-1.el6op
  • openshift-origin-cartridge-perl-0:1.30.2.2-1.el6op
  • openshift-origin-cartridge-php-0:1.35.4.2-1.el6op
  • openshift-origin-cartridge-python-0:1.34.3.2-1.el6op
  • openshift-origin-cartridge-ruby-0:1.32.2.2-1.el6op
  • openshift-origin-msg-node-mcollective-0:1.30.2.2-1.el6op
  • openshift-origin-node-proxy-0:1.26.3.1-1.el6op
  • openshift-origin-node-util-0:1.38.7.1-1.el6op
  • rhc-0:1.38.7.1-1.el6op
  • rubygem-openshift-origin-admin-console-0:1.28.2.1-1.el6op
  • rubygem-openshift-origin-controller-0:1.38.6.4-1.el6op
  • rubygem-openshift-origin-frontend-haproxy-sni-proxy-0:0.5.2.1-1.el6op
  • rubygem-openshift-origin-msg-broker-mcollective-0:1.36.2.4-1.el6op
  • rubygem-openshift-origin-node-0:1.38.6.4-1.el6op
  • rubygem-openshift-origin-routing-daemon-0:0.26.6.1-1.el6op
refmap via4
bid 78215
confirm
misc https://www.oracle.com/security-alerts/cpujul2020.html
sectrack
  • 1034097
  • 1037052
  • 1037053
  • 1037640
Last major update 15-07-2020 - 03:15
Published 09-11-2017 - 17:29
Last modified 15-07-2020 - 03:15
Back to Top